CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9771
https://notcve.org/view.php?id=CVE-2020-9771
This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A user may gain access to protected parts of the file system. Este problema se abordó con un nuevo derecho. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/kb/HT211100 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-3918
https://notcve.org/view.php?id=CVE-2020-3918
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A local user may be able to view sensitive user information. Se abordó un problema de acceso con restricciones de sandbox adicionales. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, macOS Catalina versión 10.15.4, tvOS versión 13.4, watchOS versión 6.2. • https://support.apple.com/kb/HT211100 https://support.apple.com/kb/HT211101 https://support.apple.com/kb/HT211102 https://support.apple.com/kb/HT211103 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9990 – Apple macOS process_token_SetFence Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-9990
A race condition was addressed with additional validation. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó una condición de carrera con una comprobación adicional. Este problema se corrigió en macOS Catalina versión 10.15.6. • https://support.apple.com/kb/HT211289 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9927 – Apple macOS AMDSupport Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-9927
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de la memoria con una comprobación de entrada mejorada. Este problema se corrigió en macOS Catalina versión 10.15.6. • https://support.apple.com/kb/HT211289 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9921 – Apple macOS process_token_BlitFramebuffer Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-9921
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema de corrupción de la memoria con un manejo de la memoria mejorada. Este problema se corrigió en macOS Catalina versión 10.15.6. • https://support.apple.com/kb/HT211289 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •