### [CVE-2020-9934](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9934)
![](https://img.shields.io/static/v1?label=Product&message=iOS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20iOS%2013.6%20and%20iPadOS%2013.6%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20macOS%20Catalina%2010.15.6%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20local%20user%20may%20be%20able%20to%20view%20sensitive%20user%20information&color=brighgreen)

### Description

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/3th1c4l-t0n1/awesome-csirt
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Spacial/awesome-csirt
- https://github.com/V0lk3n/OSMR-CheatSheet
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/houjingyi233/macOS-iOS-system-security
- https://github.com/mattshockl/CVE-2020-9934
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC