CVE-2020-3874Improper Removal of Sensitive Information Before Storage or Transfer in Apple Ipados

CWE-212Improper Removal of Sensitive Information Before Storage or TransferCWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.4%
top 41.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple IOSApple IpadosApple Iphone OS
Timeline
PublishedFeb 27
Latest updateMay 24

Description

An issued existed in the naming of screenshots. The issue was corrected with improved naming. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Screenshots of the Messages app may reveal additional message content.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

NVDapple/ipados< 13.3.1
CVEListV5apple/iosunspecifiediOS 13.3.1 and iPadOS 13.3.1
NVDapple/iphone_os< 13.3.1

🔴Vulnerability Details

2
GHSA
GHSA-xv6c-f5jj-3wwc: An issued existed in the naming of screenshots2022-05-24
CVEList
CVE-2020-3874: An issued existed in the naming of screenshots2020-02-27
CVE-2020-3874 — Apple Ipados vulnerability | cvebase