{"vulnerability": "cve-2020-9992", "sightings": [{"uuid": "d43e78a7-c341-427e-b25b-9b681febd501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9992", "type": "seen", "source": "https://t.me/sxcteam/152", "content": "Apple High Severity Bug Allows Attackers to Execute Arbitrary Code on iPhone, iPad, iPod.\n\nApple release updates for iOS and iPadOS operating systems that fixes several security iPhone, iPad, and iPod devices.\n\nWith the security update, Apple addressed 11 bugs in various products and components such as AppleAVD, Apple Keyboard, WebKit, and Siri.\n\nAmong the fixed vulnerabilities the high severity one is CVE-2020-9992, which allows attackers to execute arbitrary code on the system.\n\nhahahah there's a security flaw on Apple's website", "creation_timestamp": "2022-08-04T16:58:09.000000Z"}, {"uuid": "9109567d-7bc0-4f48-a4c2-77fee38399d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9992", "type": "seen", "source": "https://t.me/information_security_channel/40439", "content": "Apple release updates for iOS and iPadOS operating systems that fixes several security iPhone, iPad, and iPod devices. With the security update, Apple addressed 11 bugs in various products and components such as AppleAVD, Apple Keyboard, WebKit, and Siri. Among the fixed vulnerabilities the high severity one is CVE-2020-9992, which allows attackers to execute arbitrary [\u2026]\nThe post Apple High Severity Bug Allows Attackers to Execute Arbitrary Code on iPhone, iPad, iPod (https://gbhackers.com/apple-high-severity-flaw/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-09-18T06:51:56.000000Z"}, {"uuid": "259e32ba-4934-4a63-a033-58afe3844fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9992", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1887", "content": "#exploit\nCVE-2020-9992:\nA design flaw in MobileDevice.framework/Xcode and iOS/iPadOS/tvOS Development Tools allows an attacker in the same network to gain remote code execution on a target device\nhttps://blog.zimperium.com/c0ntextomy-lets-debug-together-cve-2020-9992\n]-&gt; PoC:\nhttps://github.com/c0ntextomy/c0ntextomy", "creation_timestamp": "2022-09-08T16:14:37.000000Z"}, {"uuid": "f52bec16-c082-45b8-9b28-5bbe24bb869d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9992", "type": "seen", "source": "https://t.me/true_secator/952", "content": "\u200b\u200b\u0412\u0441\u0435-\u0442\u0430\u043a\u0438 \u043c\u044b \u043d\u0435 \u0437\u0440\u044f \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u043b\u0438 \u0432\u0441\u0435\u0445 \u0431\u044b\u0441\u0442\u0440\u0435\u0435 \u0430\u043f\u0434\u0435\u0439\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u0438 Apple \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u041a\u0440\u043e\u043c\u0435 \u043d\u043e\u0432\u044b\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u044b \u043f\u0438\u0441\u0430\u043b\u0438 \u0432\u0447\u0435\u0440\u0430, \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c iOS 14 \u0438 iPadOS 14.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0438 \u043f\u043e\u0434\u0440\u0430\u0437\u0443\u043c\u0435\u0432\u0430\u043b\u0430\u0441\u044c \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e, - \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0438\u043c\u0435\u044e\u0449\u0438\u0445\u0441\u044f \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Apple \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0414\u0430\u0432\u043d\u043e \u0443\u0436\u0435 \u043c\u0438\u043d\u0443\u043b\u0438 \u0432\u0440\u0435\u043c\u0435\u043d\u0430, \u043a\u043e\u0433\u0434\u0430 \u044f\u0431\u043b\u043e\u0447\u043d\u043e\u0435 \u041f\u041e \u0441\u0447\u0438\u0442\u0430\u043b\u043e\u0441\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c. \u0412 \u043d\u043e\u0432\u043e\u043c \u0440\u0435\u043b\u0438\u0437\u0435 \u0441\u0432\u043e\u0438\u0445 \u041e\u0421 Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 11 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u0441\u043f\u0435\u043a\u0442\u0440\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e RCE.\n\n\u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443, CVE-2020-9992, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f 7,3 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434, \u0435\u0441\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u0430 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043d\u0430 \u0441\u043e\u043f\u0440\u044f\u0436\u0435\u043d\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435. \u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435\u0442, \u043d\u043e \u043f\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 IBM X-Force \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0430\u0431\u043e\u0440\u043e\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Xcode, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 macOS 10.15.4 - 10.15.6 (\u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0435\u043b\u0438\u0437). \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043f\u043e\u043b\u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0442\u044c \u0438 \u044f\u0431\u043b\u043e\u0431\u0443\u043a\u0438.\n\n\u0414\u0440\u0443\u0433\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 CVE-2020-9959 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 Siri \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0439 \u0441 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.  \u0418 \u0442\u0430\u043a \u0434\u0430\u043b\u0435\u0435 - \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438, \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430 - \u0442\u0435\u043f\u0435\u0440\u044c iOS 14 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e \u0441\u043f\u0438\u0441\u043a\u0443 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0443\u0442\u0435\u0447\u0435\u043a. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c, \u043f\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e Apple, \"\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043c\u0435\u0442\u043e\u0434\u044b\", \u0432\u0438\u0434\u0438\u043c\u043e \u0441\u0447\u0438\u0442\u0430\u0435\u0442 \u0445\u0435\u0448\u0438. \u041f\u0440\u0438 \u043d\u0430\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043e\u043a \u0432\u043b\u0430\u0434\u0435\u043b\u0435\u0446 \u0431\u0443\u0434\u0435\u0442 \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0432 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0441\u0442\u044c.", "creation_timestamp": "2020-09-18T13:27:51.000000Z"}]}