PT-2020-20757 · Apple · Apple Macos

Allison Husain

Published

2020-10-27

Updated

2020-11-04

CVE-2020-9782

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.15.2 Security Update 2019-002 Mojave versions prior to the update Security Update 2019-007 High Sierra versions prior to the update

Description A parsing issue in the handling of directory paths was addressed with improved path validation. A remote attacker may be able to overwrite existing files.

Recommendations For macOS versions prior to 10.15.2, update to macOS Catalina 10.15.2. For Security Update 2019-002 Mojave, apply the security update. For Security Update 2019-007 High Sierra, apply the security update.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2020-9782

Affected Products

Apple Macos

PT-2020-20757 · Apple · Apple Macos

CVE-2020-9782

Weakness Enumeration

Related Identifiers

Affected Products

References · 4