VDB
CVE-2020-27930
CVE-2020-27930
PUBLISHED
KEV
CVSS 6.800000190734863 MEDIUM
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. Processing a maliciously crafted font may lead to arbitrary code execution.
EPSS 43.95% · 97.6th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
43.95%
97.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | iphone_os | 14.0, 0 |
| Apple | iOS and iPadOS | unspecified |
| apple | ipados | 0 |
| Apple | watchOS | unspecified |
| apple | watchos | 7.0, 6.0, 0 |
| apple | macos | 11.0 |
| Apple | macOS | unspecified, unspecified, unspecified |
| apple | mac_os_x | 0 |
Timeline
- Feb 7, 2019 VulnCheck KEV Exploitation
- Feb 8, 2019 VulnCheck KEV Exploitation
- Nov 5, 2020 PoC Published
- Nov 6, 2020 PoC Published
- Nov 8, 2020 PoC Published
- Nov 13, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Nov 3, 2021 CISA KEV Added
- Nov 8, 2021 PoC Published
- Nov 20, 2021 PoC Published
- Dec 27, 2021 EPSS Score
References
- https://support.apple.com/fr-fr/HT211934 advisory
- https://support.apple.com/fr-fr/HT211946 advisory
- https://support.apple.com/fr-fr/HT211931 advisory
- https://support.apple.com/fr-fr/HT211945 advisory
- https://support.apple.com/fr-fr/HT211930 advisory
- https://support.apple.com/fr-fr/HT211947 advisory
- https://support.apple.com/fr-fr/HT211944 advisory
- https://support.apple.com/fr-fr/HT211929 advisory
- https://support.apple.com/fr-fr/HT211940 advisory
- https://support.apple.com/fr-fr/HT211928 advisory
- https://support.apple.com/en-us/HT211931 url
- https://support.apple.com/en-us/HT211928 url
- https://support.apple.com/en-us/HT211929 url
- https://support.apple.com/en-us/HT211940 url
- https://support.apple.com/en-us/HT211944 url
- https://support.apple.com/en-us/HT211945 url
- https://support.apple.com/en-us/HT211946 url
- https://support.apple.com/en-us/HT211947 url
- 20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 mailing-list
- http://packetstormsecurity.com/files/161294/Apple-Safari-Remote-Code-Execution.html url
…and 2 more