The first time AirPods are connected to an iPhone, they become named after the user’s name by default (e.g. Jane Doe’s AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user’s name. To resolve this issue, Firefox added a special case that renames devices containing the substring ‘AirPods’ to simply ‘AirPods’. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

CPENameOperatorVersion
ubuntu_linuxeq18.04
ubuntu_linuxeq19.10
ubuntu_linuxeq16.04
firefoxlt74.0
firefox_esrlt68.6.0
thunderbirdlt68.6.0

Name	Operator	Version
ubuntu_linux	eq	18.04
ubuntu_linux	eq	19.10
ubuntu_linux	eq	16.04
firefox	lt	74.0
firefox_esr	lt	68.6.0
thunderbird	lt	68.6.0

References

bugzilla.mozilla.org/show_bug.cgi?id=1616661

usn.ubuntu.com/4328-1/

usn.ubuntu.com/4335-1/

www.mozilla.org/security/advisories/mfsa2020-08/

www.mozilla.org/security/advisories/mfsa2020-09/

www.mozilla.org/security/advisories/mfsa2020-10/

ubuntucve 1

redhatcve 1

cve 1

veracode 1

cvelist 1

nvd 1

debiancve 1

alpinelinux 1

threatpost 2

redhat 8

oraclelinux 6

nessus 54

centos 4

openvas 27

altlinux 2

debian 4

amazon 1

mozilla 3

slackware 2

mageia 2

osv 4

suse 2

kaspersky 3

archlinux 2

ubuntu 3

gentoo 2

ubuntucve

CVE-2020-6812

2020-03-11 00:00:00

redhatcve

CVE-2020-6812

2020-04-03 02:05:00

cve

CVE-2020-6812

2020-03-25 22:15:12

veracode

Information Disclosure

2020-03-18 00:55:41

cvelist

CVE-2020-6812

2020-03-25 21:12:19

nvd

CVE-2020-6812

2020-03-25 22:15:12

debiancve

CVE-2020-6812

2020-03-25 22:15:12

alpinelinux

CVE-2020-6812

2020-03-25 22:15:12

threatpost

Firefox Bug Opens iPhone AirPods to Third-Party Snooping

2020-03-10 18:14:15

Firefox Bug Opens iPhone AirPods to Third-Party Snooping

2020-03-10 18:14:15

redhat

(RHSA-2020:0815) Important: firefox security update

2020-03-16 08:03:05

(RHSA-2020:0820) Important: firefox security update

2020-03-16 10:34:23

(RHSA-2020:0919) Important: thunderbird security update

2020-03-23 07:49:48

oraclelinux

firefox security update

2020-03-16 00:00:00

thunderbird security update

2020-03-20 00:00:00

thunderbird security update

2020-07-07 00:00:00

nessus

Mozilla Firefox ESR < 68.6 Multiple Vulnerabilities

2020-03-11 00:00:00

Mozilla Firefox ESR < 68.6 Multiple Vulnerabilities

2020-03-11 00:00:00

RHEL 6 : firefox (RHSA-2020:0816)

2020-03-18 00:00:00

centos

firefox security update

2020-03-25 19:19:48

thunderbird security update

2020-03-25 19:17:21

thunderbird security update

2020-03-25 19:18:41

openvas

CentOS: Security Advisory for thunderbird (CESA-2020:0905)

2020-03-26 00:00:00

SUSE: Security Advisory (SUSE-SU-2020:0686-1)

2021-06-09 00:00:00

Mozilla Firefox ESR Security Advisories (MFSA2020-08, MFSA2020-09) - Windows

2020-03-12 00:00:00

altlinux

Security fix for the ALT Linux 10 package firefox-esr version 68.6.0-alt1

2020-03-10 00:00:00

Security fix for the ALT Linux 10 package thunderbird version 68.6.0-alt1

2020-03-14 00:00:00

debian

[SECURITY] [DSA 4639-1] firefox-esr security update

2020-03-11 19:17:38

[SECURITY] [DLA 2140-1] firefox-esr security update

2020-03-11 21:34:36

[SECURITY] [DSA 4642-1] thunderbird security update

2020-03-19 22:32:44

amazon

Important: thunderbird

2020-04-20 20:48:00

mozilla

Security Vulnerabilities fixed in Thunderbird 68.6 — Mozilla

2020-03-10 00:00:00

Security Vulnerabilities fixed in Firefox ESR 68.6 — Mozilla

2020-03-10 00:00:00

Security Vulnerabilities fixed in Firefox 74 — Mozilla

2020-03-10 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2020-03-13 21:47:41

[slackware-security] mozilla-firefox

2020-03-10 20:37:32

mageia

Updated firefox packages fix security vulnerabilities

2020-03-14 11:35:35

Updated thunderbird packages fix security vulnerabilities

2020-03-14 11:35:35

osv

thunderbird - security update

2020-03-20 00:00:00

firefox-esr - security update

2020-03-11 00:00:00

firefox-esr - security update

2020-03-11 00:00:00

suse

Security update for MozillaThunderbird (important)

2020-03-22 00:00:00

Security update for MozillaFirefox (important)

2020-03-14 00:00:00

kaspersky

KLA11701 Multiple vulnerabilities in Mozilla Thunderbird

2020-03-10 00:00:00

KLA11688 Multiple vulnerabilities in Mozilla Firefox ESR

2020-03-10 00:00:00

KLA11691 Multiple vulnerabilities in Mozilla Firefox

2020-02-12 00:00:00

archlinux

[ASA-202003-11] thunderbird: multiple issues

2020-03-16 00:00:00

[ASA-202003-8] firefox: multiple issues

2020-03-11 00:00:00

ubuntu

Firefox vulnerabilities

2020-03-11 00:00:00

Thunderbird vulnerabilities

2020-04-13 00:00:00

Thunderbird vulnerabilities

2020-04-21 00:00:00

gentoo

Mozilla Firefox: Multiple vulnerabilities

2020-03-12 00:00:00

Mozilla Thunderbird: Multiple vulnerabilities

2020-03-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.9%

JSON

Related for PRION:CVE-2020-6812