vulnerability

OS X update for FontParser (CVE-2020-27946)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	Feb 19, 2021	Feb 19, 2021	Apr 12, 2021

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Feb 19, 2021

Added

Feb 19, 2021

Modified

Apr 12, 2021

Description

An information disclosure issue was addressed with improved state management. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font may result in the disclosure of process memory.

Solution

apple-osx-upgrade-11_1

References

CVE-2020-27946
https://attackerkb.com/topics/CVE-2020-27946
URL-https://support.apple.com/kb/HT212011

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today