Vulnerability identifier: #VU46805

Vulnerability risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-9992

CWE-ID: CWE-311

Exploitation vector: Local network

Exploits in database: 1

• September 24, 2020
  • c0ntextomy (CVE-2020-9992 - A design flaw in MobileDevice.framework/Xcode and iOS/iPadOS/tvOS Development Tools allows an attacker in the same network to gain remote code execution on a target device) [Github]

Impact: Code execution

Vulnerable software:
Apple Xcode
Universal components / Libraries / Software for developers

Vendor: Apple Inc.