CVE-2020-6812

Description

The first time AirPods are connected to an iPhone, they become named after the users name by default (e.g. Jane Does AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the users name. To resolve this issue, Firefox added a special case that renames devices containing the substring AirPods to simply AirPods. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.