A vulnerability was found in Apple watchOS up to 5.3.8/6.2.8/7.0.3 (Smartwatch Operating System). It has been classified as problematic. This affects an unknown code of the component Logging. The manipulation with an unknown input leads to a path traversal vulnerability. CWE is classifying the issue as CWE-22. The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. This is going to have an impact on confidentiality, integrity, and availability.

The weakness was disclosed 11/05/2020 by Tommy Muir as HT211928 as confirmed advisory (Website). It is possible to read the advisory at support.apple.com. This vulnerability is uniquely identified as CVE-2020-10010. The exploitability is told to be easy. Attacking locally is a requirement. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1006 according to MITRE ATT&CK. The advisory points out:

A local attacker may be able to elevate their privileges

Upgrading to version 5.3.9, 6.2.9 or 7.1 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability. The advisory contains the following remark:

A path handling issue was addressed with improved validation.

Productinfo

Type

• Smartwatch Operating System

Vendor

• Apple

Name

• watchOS

Version

• 5.3.0
• 5.3.1
• 5.3.2
• 5.3.3
• 5.3.4
• 5.3.5
• 5.3.6
• 5.3.7
• 5.3.8
• 6.2.0
• 6.2.1
• 6.2.2
• 6.2.3
• 6.2.4
• 6.2.5
• 6.2.6
• 6.2.7
• 6.2.8
• 7.0.0
• 7.0.1
• 7.0.2
• 7.0.3

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion