What is CVE-2020-9817?

CVE-2020-9817 is a vulnerability in PackageKit that involves a permissions issue.

Which versions of macOS are affected by CVE-2020-9817?

macOS Catalina 10.15.5, Mojave, and High Sierra are affected.

How was CVE-2020-9817 addressed?

The vulnerability was addressed with improved permission validation.

Is there a remedy for macOS Catalina 10.15.5?

Yes, macOS Catalina 10.15.5 has a specific remedy for this vulnerability.

Where can I find more information about CVE-2020-9817?

You can find more information about CVE-2020-9817 at the following reference: [Apple Support](https://support.apple.com/en-us/HT211170)

Vulnerability/
CVE-2020-9817

critical

9.3

CWE

276

26/5/2020

9/6/2020

4/8/2024

CVE-2020-9817

First published: Tue May 26 2020(Updated: )

PackageKit. A permissions issue existed. This issue was addressed with improved permission validation.

Credit: Andy Grant NCC Group product-security@apple.com

Affected Software	Affected Version	How to fix
macOS Catalina	<10.15.5	10.15.5
macOS Mojave
macOS High Sierra
Apple iOS and macOS	>=10.13<10.13.6
Apple iOS and macOS	>=10.14<10.14.6
Apple iOS and macOS	>=10.15<10.15.5
Apple iOS and macOS	=10.13.6
Apple iOS and macOS	=10.13.6-security_update_2018-002
Apple iOS and macOS	=10.13.6-security_update_2018-003
Apple iOS and macOS	=10.13.6-security_update_2019-001
Apple iOS and macOS	=10.13.6-security_update_2019-002
Apple iOS and macOS	=10.13.6-security_update_2019-003
Apple iOS and macOS	=10.13.6-security_update_2019-004
Apple iOS and macOS	=10.13.6-security_update_2019-005
Apple iOS and macOS	=10.13.6-security_update_2019-006
Apple iOS and macOS	=10.13.6-security_update_2019-007
Apple iOS and macOS	=10.13.6-security_update_2020-001
Apple iOS and macOS	=10.13.6-security_update_2020-002
Apple iOS and macOS	=10.14.6
Apple iOS and macOS	=10.14.6-security_update_2019-001
Apple iOS and macOS	=10.14.6-security_update_2019-002
Apple iOS and macOS	=10.14.6-security_update_2019-004
Apple iOS and macOS	=10.14.6-security_update_2019-005
Apple iOS and macOS	=10.14.6-security_update_2019-006
Apple iOS and macOS	=10.14.6-security_update_2019-007
Apple iOS and macOS	=10.14.6-security_update_2020-001
Apple iOS and macOS	=10.14.6-security_update_2020-002

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

HT211170

Frequently Asked Questions

What is CVE-2020-9817?
CVE-2020-9817 is a vulnerability in PackageKit that involves a permissions issue.
Which versions of macOS are affected by CVE-2020-9817?
macOS Catalina 10.15.5, Mojave, and High Sierra are affected.
How was CVE-2020-9817 addressed?
The vulnerability was addressed with improved permission validation.
Is there a remedy for macOS Catalina 10.15.5?
Yes, macOS Catalina 10.15.5 has a specific remedy for this vulnerability.
Where can I find more information about CVE-2020-9817?
You can find more information about CVE-2020-9817 at the following reference: [Apple Support](https://support.apple.com/en-us/HT211170)

agent/type
agent/first-publish-date
agent/weakness
agent/references
agent/author
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/apple-support
agent/software-canonical-lookup-request
collector/nvd-index
vendor/apple
canonical/macos catalina
canonical/macos mojave
canonical/macos high sierra
canonical/apple ios and macos
version/apple ios and macos/10.13
version/apple ios and macos/10.14
version/apple ios and macos/10.15
version/apple ios and macos/10.13.6
version/apple ios and macos/10.13.6-security_update_2018-002
version/apple ios and macos/10.13.6-security_update_2018-003
version/apple ios and macos/10.13.6-security_update_2019-001
version/apple ios and macos/10.13.6-security_update_2019-002
version/apple ios and macos/10.13.6-security_update_2019-003
version/apple ios and macos/10.13.6-security_update_2019-004
version/apple ios and macos/10.13.6-security_update_2019-005
version/apple ios and macos/10.13.6-security_update_2019-006
version/apple ios and macos/10.13.6-security_update_2019-007
version/apple ios and macos/10.13.6-security_update_2020-001
version/apple ios and macos/10.13.6-security_update_2020-002
version/apple ios and macos/10.14.6
version/apple ios and macos/10.14.6-security_update_2019-001
version/apple ios and macos/10.14.6-security_update_2019-002
version/apple ios and macos/10.14.6-security_update_2019-004
version/apple ios and macos/10.14.6-security_update_2019-005
version/apple ios and macos/10.14.6-security_update_2019-006
version/apple ios and macos/10.14.6-security_update_2019-007
version/apple ios and macos/10.14.6-security_update_2020-001
version/apple ios and macos/10.14.6-security_update_2020-002