CVE-2020-9986 — Apple Macos vulnerability

3 documents3 sources

Severity

3.3LOWNVD

EPSS

0.2%

top 60.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Macos Apple MAC OS X

Timeline

PublishedOct 22

Latest updateMay 24

Description

A file access issue existed with certain home folder files. This was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.7. A malicious application may be able to read sensitive location information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5apple/macosunspecified — macOS Catalina 10.15.7

▶NVDapple/mac_os_x< 10.15.7

🔴Vulnerability Details

GHSA

GHSA-mq53-q6cw-r9cc: A file access issue existed with certain home folder files↗2022-05-24

▶

📄Research Papers

arXiv

Who Can Find My Devices? Security and Privacy of Apple's Crowd-Sourced Bluetooth Location Tracking System↗2021-03-03

▶