Apple macOS 10.15.3 Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

Summary

A malicious application may be able to execute arbitrary code with kernel privileges

Credit:

The information has been provided by Yu Wang of Didi Research America

The original article can be found at https://support.apple.com/HT211100


Details

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges.

Vulnerable Systems:

macOS Mojave 10.14.6,

macOS High Sierra 10.13.6,

macOS Catalina 10.15.3

    CVE Information:

    CVE-2020-3892

    Disclosure Timeline:
    Published Date:04/08/2020

    Categories: FeaturedNews