CVE-2020-3877Out-of-bounds Read in Apple Macos

CWE-125Out-of-bounds Read2 documents2 sources
Severity
7.5HIGHNVD
EPSS
1.2%
top 21.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple MacosApple WatchosApple MAC OS X
Timeline
PublishedFeb 27
Latest updateMay 24

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3, watchOS 6.1.2. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

CVEListV5apple/macosunspecifiedmacOS Catalina 10.15.3
CVEListV5apple/watchosunspecifiedwatchOS 6.1.2
NVDapple/watchos< 6.1.2
NVDapple/mac_os_x< 10.15.3

🔴Vulnerability Details

1
GHSA
GHSA-j8jm-xpp4-34xm: An out-of-bounds read was addressed with improved input validation2022-05-24