CVE-2020-3917

Published: Apr 1, 2020Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks.

Affected (4)

Products: Apple: Ipados, Iphone Os, Tvos, Watchos

4 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 13.4
Apple Iphone Os	Before 13.4
Apple Tvos	Before 13.4
Apple Watchos	Before 6.2

References (6)

https://support.apple.com/HT211101

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT211102

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT211103

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT211101

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT211102

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT211103

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.