Arbitrary code execution vulnerability in IDE Device Support in Apple Mac OS X - CVE-2020-9992ID: oval:org.secpod.oval:def:65632 | Date: (C)2020-09-17 (M)2023-01-16 |
Class: VULNERABILITY | Family: macos |
The host is installed with Xcode before 12.0 on Apple Mac OS X 10.15.4 or later and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle unencrypted communications with paired devices. Successful exploitation allows an attacker in a privileged network position to execute arbitrary code on a paired device during a debug session over the network.
Platform: |
Apple Mac OS X 10.15 |