CVE-2020-9839
HIGH
macOS cfprefsd Arbitrary File Write Local Privilege Escalation
Title source: metasploit
Description
A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to gain elevated privileges.
Exploits (1)
metasploit
WORKING POC
EXCELLENT
ruby, poc, osx
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/cfprefsd_race_condition.rb
Scores
CVSS v3
7.0
EPSS
0.3589
EPSS Percentile
97.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-362
Status
published
Products (5)
apple/ipados
< 13.5
apple/iphone_os
< 13.5
apple/mac_os_x
< 10.15.5
apple/tvos
< 13.4.5
apple/watchos
< 6.2.5
Published
Jun 09, 2020
Tracked Since
Feb 18, 2026