VDB
CVE-2020-27944
CVE-2020-27944
PUBLISHED
CVSS 7.800000190734863 HIGH
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution.
EPSS 0.46% · 64.4th percentile
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.46%
64.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | iOS and iPadOS | unspecified |
| Apple | tvOS | unspecified |
| apple | iphone_os | 0 |
| apple | watchos | 0 |
| apple | tvos | 0 |
| Apple | watchOS | * |
| apple | ipad_os | 0 |
| apple | macos | 0 |
| Apple | macOS | unspecified |
Timeline
- Dec 15, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://support.apple.com/fr-fr/HT212006 advisory
- https://support.apple.com/fr-fr/HT212004 advisory
- https://support.apple.com/fr-fr/HT212003 advisory
- https://support.apple.com/fr-fr/HT212007 advisory
- https://support.apple.com/fr-fr/HT211932 advisory
- https://support.apple.com/fr-fr/HT212009 advisory
- https://support.apple.com/fr-fr/HT212005 advisory
- https://support.apple.com/en-us/HT212011 url
- https://support.apple.com/en-us/HT212003 url
- https://support.apple.com/en-us/HT212005 url
- https://support.apple.com/en-us/HT212009 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-27944 advisory