cbcvebase.
CVE-2020-9868
published 2020-10-22

CVE-2020-9868: A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation. This…

critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An attacker may have been able to impersonate a trusted website using shared key material for an administrator added certificate.

Affected

13 ranges
VendorProductVersion rangeFixed in
appleios>= unspecified < iOS 13.6 and iPadOS 13.6iOS 13.6 and iPadOS 13.6
appleios_13.6_and_ipados
appleipados< 13.613.6
appleiphone_os< 13.613.6
applemac_os_x< 10.15.610.15.6
applemacos>= unspecified < macOS Catalina 10.15.6macOS Catalina 10.15.6
applemacos_catalina_10.15.6_security_update_2020-004_mojave_security_update_2020-004
appletvos< 13.4.813.4.8
appletvos
appletvos>= unspecified < tvOS 13.4.8tvOS 13.4.8
applewatchos< 6.2.86.2.8
applewatchos
applewatchos>= unspecified < watchOS 6.2.8watchOS 6.2.8