Vulnerability Details CVE-2020-27904
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.115
EPSS Ranking 93.3%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
- http://seclists.org/fulldisclosure/2020/Dec/32
- http://seclists.org/fulldisclosure/2021/Feb/14
- https://support.apple.com/en-us/HT211931
- https://support.apple.com/kb/HT212147
- http://seclists.org/fulldisclosure/2020/Dec/32
- http://seclists.org/fulldisclosure/2021/Feb/14
- https://support.apple.com/en-us/HT211931
- https://support.apple.com/kb/HT212147
Products affected by CVE-2020-27904
-
cpe:2.3:o:apple:macos:-
-
cpe:2.3:o:apple:macos:1.0
-
cpe:2.3:o:apple:macos:10.15.7
-
cpe:2.3:o:apple:macos:11.0
-
cpe:2.3:o:apple:macos:7.5.3
-
cpe:2.3:o:apple:macos:7.6
-
cpe:2.3:o:apple:macos:7.6.1
-
cpe:2.3:o:apple:macos:8.0
-
cpe:2.3:o:apple:macos:8.1
-
cpe:2.3:o:apple:macos:8.5
-
cpe:2.3:o:apple:macos:8.6
-
cpe:2.3:o:apple:macos:9
-
cpe:2.3:o:apple:macos:9.0