#VU48173 Out-of-bounds read in macOS - CVE-2020-27950

 

Published: November 6, 2020 / Updated: March 23, 2021


Vulnerability identifier: #VU48173
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear
CVE-ID: CVE-2020-27950
CWE-ID: CWE-125
Exploitation vector: Local access
Exploit availability: The vulnerability is being exploited in the wild
Vulnerable software:
macOS
Software vendor:
Apple Inc.

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the macOS kernel. A local user can run a specially crafted program to gain access to sensitive kernel information on the system.

Note, this vulnerability is being actively exploited in the wild.


Remediation

Install updates from the vendor's website.
