CVE-2020-6812

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-6812

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-6812.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-6812

Downstream

DEBIAN-CVE-2020-6812

DLA-2140-1

DLA-2150-1

DSA-4639-1

DSA-4642-1

RHSA-2020:0815

RHSA-2020:0816

RHSA-2020:0819

RHSA-2020:0820

RHSA-2020:0905

RHSA-2020:0914

RHSA-2020:0918

RHSA-2020:0919

SUSE-SU-2020:0686-1

SUSE-SU-2020:0717-1

SUSE-SU-2020:0721-1

SUSE-SU-2020:14312-1

UBUNTU-CVE-2020-6812

USN-4299-1

USN-4328-1

USN-4335-1

openSUSE-SU-2020:0340-1

openSUSE-SU-2020:0366-1

openSUSE-SU-2024:10600-1

openSUSE-SU-2024:10601-1

openSUSE-SU-2024:14572-1

Related

Published

2020-03-25T22:15:12Z

Modified

2025-08-09T19:01:28Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

References

Affected packages