CVE-2020-10002

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A local user may be able to read arbitrary files.

Published: Dec 8, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-10002
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
apple / mac_os_x	-	11.0.1
apple / tvos	-	14.2
apple / itunes	-	12.11
apple / iphone_os	-	14.2
apple / watchos	-	7.1
apple / icloud	-	11.5
apple / ipados	-	14.2
apple / mac_os_x	10.15	10.15.7
apple / mac_os_x	10.14	10.14.6
apple / mac_os_x	10.14.6-security_update_2020-001	10.14.6-security_update_2020-001.x
apple / mac_os_x	10.14.6-security_update_2020-002	10.14.6-security_update_2020-002.x
apple / mac_os_x	10.14.6-security_update_2020-003	10.14.6-security_update_2020-003.x
apple / mac_os_x	10.14.6-security_update_2020-004	10.14.6-security_update_2020-004.x
apple / mac_os_x	10.14.6-security_update_2020-005	10.14.6-security_update_2020-005.x
apple / mac_os_x	10.14.6-security_update_2020-006	10.14.6-security_update_2020-006.x
apple / mac_os_x	10.14.6-security_update_2019-007	10.14.6-security_update_2019-007.x
apple / mac_os_x	10.14.6-security_update_2019-004	10.14.6-security_update_2019-004.x
apple / mac_os_x	10.14.6-security_update_2019-005	10.14.6-security_update_2019-005.x
apple / mac_os_x	10.14.6-security_update_2019-006	10.14.6-security_update_2019-006.x
apple / mac_os_x	10.14.6	10.14.6.x
apple / mac_os_x	10.15.7	10.15.7.x
apple / mac_os_x	10.14.6-security_update_2019-001	10.14.6-security_update_2019-001.x
apple / mac_os_x	10.14.6-security_update_2019-002	10.14.6-security_update_2019-002.x
apple / mac_os_x	10.15.7-security_update_2020	10.15.7-security_update_2020.x

Vulnerability Database

289,697

CVE-2020-10002