Arbitrary code execution vulnerability in Xcode - APPLE-SA-2020-09-16-5ID: oval:org.secpod.oval:def:65631 | Date: (C)2020-09-17 (M)2023-01-16 |
Class: PATCH | Family: macos |
The host is missing a security update according to the Apple advisory APPLE-SA-2020-09-16-5 and is prone to an arbitrary code execution. A flaw is present in the application, which fails to properly handle handle unencrypted communications with paired devices. Successful exploitation allows an attacker in a privileged network position to execute arbitrary code on a paired device during a debug session over the network.
Platform: |
Apple Mac OS X 10.15 |