CVE-2020-9967

EPSS 2.3%

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 2.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

02 abr 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

Productos afectados

Apple · iOS and iPadOS Apple · macOS Apple · tvOS Apple · watchOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/163501/XNU-Network-Stack-Kernel-Heap-Overflow.html https://support.apple.com/en-us/HT211843 https://support.apple.com/en-us/HT211844 https://support.apple.com/en-us/HT211850 https://support.apple.com/en-us/HT211931 https://support.apple.com/en-us/HT212011