Vulnerability identifier: #VU50216

Vulnerability risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-27904

CWE-ID: CWE-119

Exploitation vector: Local

Exploits in database: 1

• May 9, 2021
  • xattr-oob-swap (Demo exploit code for CVE-2020-27904, a tfp0 bug.) [Github]

Impact: Code execution

Vulnerable software:
macOS
Operating systems & Components / Operating system

Vendor: Apple Inc.