Apple tvOS HomeKit unknown vulnerability

A vulnerability has been found in Apple tvOS (Digital Media Player) (affected version unknown) and classified as problematic. Affected by this vulnerability is some unknown processing of the component HomeKit. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field	04/03/2021 11:23 AM	04/08/2021 05:34 PM
vendor	Apple	Apple
name	tvOS	tvOS
component	HomeKit	HomeKit
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	H	H
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	N	N
cvss3_vuldb_i	L	L
cvss3_vuldb_a	N	N
cvss3_vuldb_e	X	X
cvss3_vuldb_rl	O	O
cvss3_vuldb_rc	C	C
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	H	H
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	N	N
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	N	N
cvss2_vuldb_e	ND	ND
cvss2_vuldb_rl	OF	OF
cvss2_vuldb_rc	C	C
date	1607900400 (12/14/2020)	1607900400 (12/14/2020)
location	Website	Website
type	Advisory	Advisory
person_name	Luyi Xing/Dongfang Zhao/Xiaofeng Wang/Yan Jia/Bin Yuan	Luyi Xing/Dongfang Zhao/Xiaofeng Wang/Yan Jia/Bin Yuan
disputed	0	0
name	Upgrade	Upgrade
date	1607900400 (12/14/2020)	1607900400 (12/14/2020)
cve	CVE-2020-9978	CVE-2020-9978
cve_assigned	1583103600	1583103600
cve_nvd_summary		This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be able to unexpectedly alter application state.
type		Digital Media Player
cvss2_vuldb_basescore		2.6
cvss2_vuldb_tempscore		2.3
cvss3_vuldb_basescore		3.7
cvss3_vuldb_tempscore		3.6
cvss3_meta_basescore		3.7
cvss3_meta_tempscore		3.6
price_0day		$5k-$25k

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!