CVE-2020-27898

Published: Dec 8, 2020Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1. An attacker may be able to bypass Managed Frame Protection.

Affected (1)

Products: Apple: Macos

Apple

1 product

Macos

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Macos	Before 11.0.1

Related CWEs

CWE-252

Unchecked Return Value

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

References (8)

http://seclists.org/fulldisclosure/2020/Dec/26

Source: product-security@apple.com

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2020/Dec/32

Source: product-security@apple.com

Mailing ListThird Party Advisory

https://support.apple.com/en-us/HT211931

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/kb/HT212011

Source: product-security@apple.com

Vendor Advisory

http://seclists.org/fulldisclosure/2020/Dec/26

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2020/Dec/32

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://support.apple.com/en-us/HT211931

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT212011

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.