Apple » Mac Os X » 10.14.6 security_update_2020-005 : Security Vulnerabilities, CVEs, Published In 2020 (Code Execution)
CVE-2020-27932
Known exploited
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.19%
Published
2020-12-08
Updated
2021-02-11
CISA KEV Added
2021-11-03
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.17%
Published
2020-12-08
Updated
2022-04-26
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
7.8
EPSS Score
0.11%
Published
2020-12-08
Updated
2023-01-09
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra, tvOS 14.0. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.17%
Published
2020-12-08
Updated
2021-03-11
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.07%
Published
2020-10-22
Updated
2021-07-21
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
7.8
EPSS Score
0.05%
Published
2020-10-22
Updated
2020-10-27
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with system privileges.
Max CVSS
7.0
EPSS Score
0.05%
Published
2020-10-22
Updated
2021-07-21
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.12%
Published
2020-10-22
Updated
2023-01-09
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.07%
Published
2020-10-22
Updated
2021-07-21
Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to execute arbitrary code with system privileges.
Max CVSS
9.3
EPSS Score
0.12%
Published
2020-10-22
Updated
2023-01-09
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
10.0
EPSS Score
0.25%
Published
2020-10-16
Updated
2020-10-20
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.12%
Published
2020-10-22
Updated
2023-01-09
CVE-2020-9859
Known exploited
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
7.8
EPSS Score
0.07%
Published
2020-06-05
Updated
2023-01-09
CISA KEV Added
2021-11-03
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.17%
Published
2020-06-09
Updated
2023-01-09
An integer overflow was addressed through improved input validation. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.10%
Published
2020-06-09
Updated
2020-06-09
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.07%
Published
2020-06-09
Updated
2021-07-21
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.07%
Published
2020-06-09
Updated
2020-06-11
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.17%
Published
2020-06-09
Updated
2023-01-09
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.12%
Published
2020-06-09
Updated
2021-07-21
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.12%
Published
2020-06-09
Updated
2021-07-21
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.07%
Published
2020-10-16
Updated
2020-10-19
A race condition was addressed with improved state handling. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
7.0
EPSS Score
0.04%
Published
2020-10-22
Updated
2020-10-27
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.17%
Published
2020-06-09
Updated
2020-06-11
Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.17%
Published
2020-04-01
Updated
2021-07-21
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges.
Max CVSS
9.3
EPSS Score
0.17%
Published
2020-04-01
Updated
2021-07-21