CVE-2020-9781: Medium severity apple ios and ipados vulnerability

Q: What is the vulnerability ID for this issue in Safari?

The vulnerability ID for this issue in Safari is CVE-2020-9781.

Q: What software is affected by this vulnerability?

The Apple iOS and Apple iPadOS versions up to but not including 13.4 are affected by this vulnerability.

Q: What version of iOS is the remedy available for?

The remedy is available for iOS version 13.4.

Q: Where can I find more information about this vulnerability?

You can find more information about this vulnerability on the Apple support website: [link](https://support.apple.com/en-us/HT211102).

Published Mar 24, 2020

Updated

Safari. The issue was addressed by clearing website permission prompts after navigation.

Other sources

The issue was addressed by clearing website permission prompts after navigation. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user may grant website permissions to a site they didn't intend to.

Credit

Nikhil Mittal@@c0d3G33k(Payatu Labs)

Affected Software

4 affected componentsFixes available

Apple iOS and iPadOS<13.4

13.4

Apple iOS, iPadOS, and macOS<13.4

13.4

Apple iOS, iPadOS, and macOS<13.4

iPhone OS<13.4

Event History

Apr 1, 2020

CVE Published

via MITRE·05:56 PM

Data Sourced

via MITRE·05:56 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT211102

Frequently Asked Questions

What is the vulnerability ID for this issue in Safari?

The vulnerability ID for this issue in Safari is CVE-2020-9781.

What software is affected by this vulnerability?

The Apple iOS and Apple iPadOS versions up to but not including 13.4 are affected by this vulnerability.

What was the remedy for this vulnerability?

The issue was addressed by clearing website permission prompts after navigation.

What version of iOS is the remedy available for?