| Vulnerability Name: | CVE-2020-9965 (CCN-191608) | ||||||||||||
| Assigned: | 2020-11-12 | ||||||||||||
| Published: | 2020-11-12 | ||||||||||||
| Updated: | 2021-03-11 | ||||||||||||
| Summary: | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges. | ||||||||||||
| CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-125 | ||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2020-9965 Source: FULLDISC Type: Mailing List, Third Party Advisory 20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 Source: XF Type: UNKNOWN apple-macos-cve20209965-priv-esc(191608) Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT211843 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT211844 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT211850 Source: CCN Type: Apple security document HT211931 About the security content of macOS Big Sur 11.0.1 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT211931 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||