CVE-2020-29611 — Vulnetix

CVE-2020-29611 PUBLISHED CVSS 7.800000190734863 HIGH

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to arbitrary code execution.

EPSS 0.46% · 64.6th percentile

Risk Scores

CVSS 3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.46%

64.6th percentile

Affected Products

Vendor	Product	Versions
Apple	macOS	unspecified, unspecified
apple	icloud	0
Apple	tvOS	unspecified
apple	tvos	0
apple	ipados	0
apple	mac_os_x	10.14.6, 10.15.7, 10.14.6
apple	iphone_os	0
Apple	iOS and iPadOS	unspecified
apple	watchos	0
apple	macos	11.0
Apple	watchOS	unspecified

Exploit Intelligence

https://support.apple.com/en-us/HT212011 (circl)
https://support.apple.com/en-us/HT212003 (circl)
https://support.apple.com/en-us/HT212005 (circl)
https://support.apple.com/en-us/HT212009 (circl)
https://support.apple.com/en-us/HT212145 (circl)

Timeline

Dec 15, 2020 CVE Published
Apr 14, 2021 EPSS Score
Jun 23, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 28, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Sep 4, 2022 EPSS Score

References

https://support.apple.com/fr-fr/HT212153 advisory
https://support.apple.com/fr-fr/HT212145 advisory
https://support.apple.com/fr-fr/HT212149 advisory
https://support.apple.com/fr-fr/HT212146 advisory
https://support.apple.com/fr-fr/HT212148 advisory
https://support.apple.com/fr-fr/HT212006 advisory
https://support.apple.com/fr-fr/HT212004 advisory
https://support.apple.com/fr-fr/HT212003 advisory
https://support.apple.com/fr-fr/HT212007 advisory
https://support.apple.com/fr-fr/HT211932 advisory
https://support.apple.com/fr-fr/HT212009 advisory
https://support.apple.com/fr-fr/HT212005 advisory
https://support.apple.com/en-us/HT212011 url
https://support.apple.com/en-us/HT212003 url
https://support.apple.com/en-us/HT212005 url
https://support.apple.com/en-us/HT212009 url
https://support.apple.com/en-us/HT212145 url
https://nvd.nist.gov/vuln/detail/CVE-2020-29611 advisory

Open in Interactive Console →