CVE-2020-3840

EPSS 1.1%

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

27 feb 2020Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution.

Productos afectados

Apple · iOS Apple · macOS Apple · tvOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.apple.com/HT210918 https://support.apple.com/HT210919 https://support.apple.com/HT210920