CVE-2020-29611

Name of the Vulnerable Software and Affected Versions Apple tvOS versions prior to 14.3 Apple macOS Big Sur versions prior to 11.1 Apple macOS Catalina versions prior to Security Update 2020-001 Apple macOS Mojave versions prior to Security Update 2020-007 Apple iOS versions prior to 14.3 Apple iPadOS versions prior to 14.3 Apple watchOS versions prior to 7.2 Apple iCloud for Windows versions prior to 12.0

Description The issue is related to an out-of-bounds write problem in the ImageIO component, which can be exploited by processing a maliciously crafted image, potentially leading to arbitrary code execution. This can allow a remote attacker to execute arbitrary code.

Recommendations For tvOS versions prior to 14.3, update to tvOS 14.3 or later. For macOS Big Sur versions prior to 11.1, update to macOS Big Sur 11.1 or later. For macOS Catalina versions prior to Security Update 2020-001, apply Security Update 2020-001 or later. For macOS Mojave versions prior to Security Update 2020-007, apply Security Update 2020-007 or later. For iOS versions prior to 14.3, update to iOS 14.3 or later. For iPadOS versions prior to 14.3, update to iPadOS 14.3 or later. For watchOS versions prior to 7.2, update to watchOS 7.2 or later. For iCloud for Windows versions prior to 12.0, update to iCloud for Windows 12.0 or later.