CVE-2020-27912

March 10, 2021

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.

Summary:

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.

Reference Links(if available):

  • https://support.apple.com/en-us/HT211929
  • https://support.apple.com/en-us/HT211928
  • https://support.apple.com/en-us/HT211935
  • https://support.apple.com/en-us/HT211931
  • https://support.apple.com/en-us/HT211933

    • CVSS Score (if available)

    v2: / HIGHAV:N/AC:M/Au:N/C:C/I:C/A:C

    v3: / HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    Basta

    Black Basta Ransomware Victim: bdcm[.]com

    April 30, 2024
    ai checkout2

    Smart devices: new law helps citizens to choose secure products

    April 30, 2024
    CISA Logo

    CISA: CISA Releases Four Industrial Control Systems Advisories

    April 30, 2024
    CISA Logo

    CISA: CISA and Partners Release Advisory on Akira Ransomware

    April 30, 2024
    CISA Logo

    CISA: Oracle Releases Critical Patch Update Advisory for April 2024

    April 30, 2024