PT-2020-17231 · Apple · Mojave+3
Jewel Lambert
·
Published
2020-12-14
·
Updated
2021-04-08
·
CVE-2020-29633
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
macOS Big Sur versions prior to 11.2
Security Update versions prior to 2021-001 on Catalina
Security Update versions prior to 2021-001 on Mojave
Security Update versions prior to 2020-001 on Catalina
Security Update versions prior to 2020-007 on Mojave
Description
An authentication issue was addressed with improved state management, allowing an attacker in a privileged network position to potentially bypass authentication policy.
Recommendations
For macOS Big Sur versions prior to 11.2, update to macOS Big Sur 11.2 or later.
For Security Update versions prior to 2021-001 on Catalina, apply Security Update 2021-001 or later.
For Security Update versions prior to 2021-001 on Mojave, apply Security Update 2021-001 or later.
For Security Update versions prior to 2020-001 on Catalina, apply Security Update 2020-001 or later.
For Security Update versions prior to 2020-007 on Mojave, apply Security Update 2020-007 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Catalina
Apple Macos
Mojave
Macos Big Sur