VDB
CVE-2020-9973
CVE-2020-9973
PUBLISHED
CVSS 9.300000190734863 CRITICAL
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
EPSS 0.25% · 48.2th percentile
Risk Scores
CVSS v2.0
9.300000190734863
EPSS Score
0.25%
48.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | iphone_os | 0 |
| Apple | macOS | unspecified, unspecified |
| apple | ipados | 0 |
| apple | mac_os_x | 10.13.6, 10.13.6, 10.13.6 |
Timeline
- Oct 27, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
- Jan 7, 2023 EPSS Score
References
- https://support.apple.com/en-us/HT211849 url
- https://support.apple.com/en-us/HT211850 url
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1104 url
- 20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0 mailing-list
- 20201115 APPLE-SA-2020-11-13-7 Additional information for APPLE-SA-2020-09-24-1 macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave mailing-list
- https://support.apple.com/fr-fr/HT211849 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-9973 advisory