VDB

CVE-2020-27930

CVE-2020-27930 PUBLISHED KEV CVSS 6.800000190734863 MEDIUM

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. Processing a maliciously crafted font may lead to arbitrary code execution.

EPSS 43.95% · 97.6th percentile

Risk Scores

CVSS 2.0
6.800000190734863
EPSS Score
43.95%
97.6th percentile

Affected Products

VendorProductVersions
appleiphone_os14.0, 0
AppleiOS and iPadOSunspecified
appleipados0
ApplewatchOSunspecified
applewatchos7.0, 6.0, 0
applemacos11.0
ApplemacOSunspecified, unspecified, unspecified
applemac_os_x0

Timeline

  • Feb 7, 2019 VulnCheck KEV Exploitation
  • Feb 8, 2019 VulnCheck KEV Exploitation
  • Nov 5, 2020 PoC Published
  • Nov 6, 2020 PoC Published
  • Nov 8, 2020 PoC Published
  • Nov 13, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Nov 3, 2021 CISA KEV Added
  • Nov 8, 2021 PoC Published
  • Nov 20, 2021 PoC Published
  • Dec 27, 2021 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›