PT-2020-16839 · Apple · Macos Mojave+3

Thijs Alkemade

Published

2020-11-12

Updated

2021-04-07

CVE-2020-27901

CVSS v3.1

6.3

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions macOS Big Sur versions prior to 11.1 Security Update 2020-001 Catalina (affected versions not specified) Security Update 2020-007 Mojave (affected versions not specified)

Description A logic issue was addressed with improved restrictions, allowing a sandboxed process to potentially circumvent sandbox restrictions.

Recommendations For macOS Big Sur versions prior to 11.1, update to macOS Big Sur 11.1 or later. For Security Update 2020-001 Catalina, apply Security Update 2020-001 or later. For Security Update 2020-007 Mojave, apply Security Update 2020-007 or later. As a temporary workaround, consider restricting the functionality of sandboxed processes until a patch is available.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2020-27901

Affected Products

Apple Macos

Macos Big Sur

Macos Catalina

Macos Mojave

PT-2020-16839 · Apple · Macos Mojave+3

CVE-2020-27901

Weakness Enumeration

Related Identifiers

Affected Products

References · 8