Apple tvOS HomeKit unknown vulnerability

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in Apple tvOS (Digital Media Player) (affected version unknown) and classified as problematic. Affected by this vulnerability is some unknown processing of the component HomeKit. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field04/03/2021 11:23 AM04/08/2021 05:34 PM
vendorAppleApple
nametvOStvOS
componentHomeKitHomeKit
cvss3_vuldb_avNN
cvss3_vuldb_acHH
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
cvss2_vuldb_avNN
cvss2_vuldb_acHH
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcCC
date1607900400 (12/14/2020)1607900400 (12/14/2020)
locationWebsiteWebsite
typeAdvisoryAdvisory
person_nameLuyi Xing/Dongfang Zhao/Xiaofeng Wang/Yan Jia/Bin YuanLuyi Xing/Dongfang Zhao/Xiaofeng Wang/Yan Jia/Bin Yuan
disputed00
nameUpgradeUpgrade
date1607900400 (12/14/2020)1607900400 (12/14/2020)
cveCVE-2020-9978CVE-2020-9978
cve_assigned15831036001583103600
cve_nvd_summaryThis issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be able to unexpectedly alter application state.
typeDigital Media Player
cvss2_vuldb_basescore2.6
cvss2_vuldb_tempscore2.3
cvss3_vuldb_basescore3.7
cvss3_vuldb_tempscore3.6
cvss3_meta_basescore3.7
cvss3_meta_tempscore3.6
price_0day$5k-$25k

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!