Jakob Rieck

**Name of the Vulnerable Software and Affected Versions** macOS Catalina versions prior to 10.15.3 **Description** A memory corruption issue was addressed with improved memory handling, allowing an application to potentially execute arbitrary code with system privileges. **Recommendations** For macOS Catalina versions prior to 10.15.3, update to macOS Catalina 10.15.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.13.5 **Description** The issue involves the "Grand Central Dispatch" component and allows attackers to bypass a sandbox protection mechanism. This is achieved by leveraging the misparsing of entitlement plists, which can occur during the authorization process. The exploitation of this issue may enable an attacker to circumvent the restrictions of an isolated environment. **Recommendations** For macOS versions prior to 10.13.5, update to version 10.13.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the "Grand Central Dispatch" component until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.13.5 **Description** The issue involves the `Speech` component and allows attackers to bypass a sandbox protection mechanism to obtain microphone access. **Recommendations** For macOS versions prior to 10.13.5, update to version 10.13.5 or later to resolve the issue.