CVE-2020-11024

High

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight…

GitHub_M·CWE-300·Published 2020-04-29

CVSS

8.2

EPSS

0.01

KEV

Exploits

cve.orgen

161 chars

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS.

NVDen

161 chars

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS.

En Moonlight iOS/tvOS versiones anteriores a la versión 4.0.1, el proceso de emparejamiento es vulnerable a un ataque de tipo man-in-the-middle. El bug se ha corregido en Moonlight versión v4.0.1 para iOS y tvOS.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.9	6.8	4.9	AV:N/AC:M/Au:S/C:P/I:P/A:N
3.1	Primary	NVD	8.2	1.8	5.8	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
3.1	Primary	cve.org	6.1	—	—	CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L
3.1	Primary	cve.org	6.1	—	—	CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L
3.1	Secondary	NVD	6.1	0.3	5.3	CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L