Main Vulnerability Database Exploits ID:4651 - Exploit for Missing Encryption of Sensitive Data in Apple Xcode - CVE-2020-9992

ID:4651 - Exploit for Missing Encryption of Sensitive Data in Apple Xcode - CVE-2020-9992

Published: September 24, 2020

Vulnerability identifier: #VU46805

Vulnerability risk: Medium

CVE-ID: CVE-2020-9992

CWE-ID: CWE-311

Exploitation vector: Adjecent network

Vulnerable software:
Apple Xcode

Link to public exploit:

https://github.com/c0ntextomy/c0ntextomy

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected device.

The vulnerability exists due to missing encryption on communication during a debug session over the network. A remote attacker with access to the same network as the device can inject and execute arbitrary code on the system.

Remediation

Install updates from vendor's website.

ID:4651 - Exploit for Missing Encryption of Sensitive Data in Apple Xcode - CVE-2020-9992

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human