CVE-2020-9994 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2020-9994

CWE

https://cwe.mitre.org/data/definitions/.html

A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to overwrite arbitrary files.

Affected Software

Name	Vendor	Start Version	End Version
Ipados	Apple	*	13.5 (excluding)
Iphone_os	Apple	*	13.5 (excluding)
Mac_os_x	Apple	*	10.15.5 (excluding)
Tvos	Apple	*	13.4.5 (excluding)
Watchos	Apple	*	6.2.5 (excluding)

References

https://support.apple.com/kb/HT211168
https://support.apple.com/kb/HT211170
https://support.apple.com/kb/HT211171
https://support.apple.com/kb/HT211175