CVE-2020-27912: An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud…

high7.8CVSS 3.1

AVLACLPRNUIRSUCHIHAH

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.

Affected

14 ranges

Vendor	Product	Version range	Fixed in
apple	icloud	< 11.5	11.5
apple	ios_14.2_and_ipados	—	—
apple	ios_and_ipados	>= unspecified < 14.2	14.2
apple	ipados	< 14.2	14.2
apple	iphone_os	< 14.2	14.2
apple	itunes	< 12.11	12.11
apple	macos	< 11.0.1	11.0.1
apple	macos	>= unspecified < 11.0	11.0
apple	macos	>= unspecified < 12.11	12.11
apple	macos	>= unspecified < 11.5	11.5
apple	tvos	< 14.2	14.2
apple	tvos	>= unspecified < 14.2	14.2
apple	watchos	< 7.1	7.1
apple	watchos	>= unspecified < 7.1	7.1