CVE-2020-11024

Sažetak

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS.

Reference

https://github.com/moonlight-stream/moonlight-ios/pull/405
https://github.com/moonlight-stream/moonlight-ios/security/advisories/GHSA-g298-gp8q-h6j3
https://github.com/moonlight-stream/moonlight-ios/commit/b0149b2fe9125a77ee11fe133382673694b6e8cc

CVSS

Base:	4.9
Impact:	4.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:N

Zadnje važnije ažuriranje

26-10-2021 - 20:01

Objavljeno

29-04-2020 - 21:15