Apple.Multiple.Products.CVE-2020-27930.Memory.Corruption
Description
This indicates an attack attempt to exploit a Memory Corruption vulnerability in Multiple Apple Products.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted font file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.
Affected Products
watchOS 7.0 earlier versions
iOS 14.1 and earlier versions
iPadOS 14.1 and earlier versions
macOS Big Sur 11.0.0 and earlier versions
iOS 12.4.8 and earlier versions
watchOS 6.2.8 and earlier versions
watchOS 5.3.8 and earlier versions
macOS High Sierra 10.13.5, macOS Mojave 10.14.5 and earlier versions
macOS Catalina 10.15.6 and earlier versions
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's advisory for updates:
https://support.apple.com/en-us/103039
https://support.apple.com/en-us/103121
https://support.apple.com/en-us/102846
https://support.apple.com/en-us/103045
https://support.apple.com/en-us/103046
https://support.apple.com/en-us/103191
https://support.apple.com/en-us/103047
https://support.apple.com/en-us/103048
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |