First published: Wed Jul 15 2020(Updated: )
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information.
Credit: Matt Shockley (linkedin.com/in/shocktop) Matt Shockley (linkedin.com/in/shocktop) product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS | <13.6 | 13.6 |
Apple iPadOS | <13.6 | 13.6 |
Apple macOS Catalina | <10.15.6 | 10.15.6 |
Apple Mojave | ||
Apple High Sierra | ||
Apple iPadOS | <13.6 | |
Apple iPhone OS | <13.6 | |
Apple Mac OS X | <10.15.6 | |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2020-9934 is an unspecified vulnerability in Apple iOS, iPadOS, and macOS involving input validation.
The severity of CVE-2020-9934 is not mentioned in the information provided.
A local attacker can exploit CVE-2020-9934 to view sensitive user information.
Apple macOS Catalina 10.15.6 is affected by CVE-2020-9934.
Apple iOS and iPadOS up to version 13.6 are affected by CVE-2020-9934.