PT-2021-11702 · Apple · Apple Macos
Jordy Zomer
·
Published
2021-10-19
·
Updated
2021-10-22
·
CVE-2020-29622
CVSS v2.0
7.6
High
| Vector | AV:N/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
macOS versions prior to Security Update 2021-005 Catalina
Description:
A race condition was addressed with additional validation. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.
Recommendations:
For versions prior to Security Update 2021-005 Catalina, apply Security Update 2021-005 to fix the issue. As a temporary workaround, consider restricting access to NFS network shares until the update is applied. Avoid mounting unknown or untrusted NFS network shares to minimize the risk of exploitation.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos