PT-2020-16835 · Apple · Apple Macos+1

Luyi Xing

Published

2020-11-12

Updated

2021-05-04

CVE-2020-27897

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS versions prior to 11.1 macOS Big Sur version 11.0.1 Security Update versions prior to 2020-001 Catalina Security Update versions prior to 2020-007 Mojave

Description An out-of-bounds write issue was addressed with improved bounds checking, allowing an application to potentially execute arbitrary code with kernel privileges.

Recommendations For macOS versions prior to 11.1, update to macOS Big Sur 11.1 or later. For macOS Big Sur version 11.0.1, update to macOS Big Sur 11.1 or later. For Security Update versions prior to 2020-001 Catalina, apply Security Update 2020-001 Catalina or later. For Security Update versions prior to 2020-007 Mojave, apply Security Update 2020-007 Mojave or later.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2020-27897

ZDI-20-1401

ZDI-20-1402

ZDI-20-1403

ZDI-21-378

ZDI-21-379

ZDI-21-380

ZDI-21-381

ZDI-21-382

ZDI-21-383

ZDI-21-384

ZDI-21-385

ZDI-21-386

ZDI-21-387

ZDI-21-388

ZDI-21-390

ZDI-21-391

ZDI-21-392

ZDI-21-393

ZDI-21-394

ZDI-21-395

ZDI-21-396

ZDI-21-397

ZDI-21-486

Affected Products

Apple Macos

Macos Big Sur

PT-2020-16835 · Apple · Apple Macos+1

CVE-2020-27897

Weakness Enumeration

Related Identifiers

Affected Products

References · 35