What is CVE-2020-9850?

CVE-2020-9850 is a vulnerability in Apple Icloud For Windows. Published 2020-06-09.

Is CVE-2020-9850 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apple Icloud For Windows

CVE-2020-9850

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote atta…

EPSS: 0.828 (99.3th percentile) — read the EPSS interpretation.

Affected products

Apple Icloud For Windows — versions unspecified
Apple Icloud For Windows (Legacy) — versions unspecified
Apple Ios — versions unspecified
Apple Itunes For Windows — versions unspecified
Apple Safari — versions unspecified
Apple Tvos — versions unspecified
Apple Watchos — versions unspecified

Public proof-of-concept exploits

References

support.apple.com/HT211168 (x_refsource_MISC)
support.apple.com/HT211171 (x_refsource_MISC)
support.apple.com/HT211175 (x_refsource_MISC)
support.apple.com/HT211178 (x_refsource_MISC)
support.apple.com/HT211179 (x_refsource_MISC)
support.apple.com/HT211181 (x_refsource_MISC)
support.apple.com/HT211177 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-9850?: CVE-2020-9850 is a vulnerability in Apple Icloud For Windows. Published 2020-06-09.
Is CVE-2020-9850 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.