CyberSec.Space Logo
Back to CVE Browser

CVE-2020-9934

Known Exploited (CISA KEV)MEDIUM
5.5
CVSS Severity Score
EPSS Score28.6370%
EPSS Percentile89.43th
PublishedOct 16, 2020
Last ModifiedOct 23, 2025

Vulnerability Description

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information.

Affected Platforms (CPE)

πŸ’»
Apple

Ipados

< 13.6
πŸ’»
Apple

Iphone Os

< 13.6
πŸ’»
Apple

Mac Os X

< 10.15.6

References & Advisories

πŸ”— https://support.apple.com/HT211288
πŸ”— https://support.apple.com/HT211289
πŸ”— https://support.apple.com/HT211288
πŸ”— https://support.apple.com/HT211289
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9934

Related Vulnerabilities

CVE-2019-877910.0

A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions...

CVE-2020-39109.8

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....

CVE-2020-39099.8

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....

CVE-2020-39119.8

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....