virus logo Intrusion Prevention

Apple.Multiple.Products.CVE-2020-27930.Memory.Corruption

description-logoDescription

This indicates an attack attempt to exploit a Memory Corruption vulnerability in Multiple Apple Products.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted font file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.

affected-products-logoAffected Products

watchOS 7.0 earlier versions
iOS 14.1 and earlier versions
iPadOS 14.1 and earlier versions
macOS Big Sur 11.0.0 and earlier versions
iOS 12.4.8 and earlier versions
watchOS 6.2.8 and earlier versions
watchOS 5.3.8 and earlier versions
macOS High Sierra 10.13.5, macOS Mojave 10.14.5 and earlier versions
macOS Catalina 10.15.6 and earlier versions

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's advisory for updates:
https://support.apple.com/en-us/103039
https://support.apple.com/en-us/103121
https://support.apple.com/en-us/102846
https://support.apple.com/en-us/103045
https://support.apple.com/en-us/103046
https://support.apple.com/en-us/103191
https://support.apple.com/en-us/103047
https://support.apple.com/en-us/103048

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2024-04-25 27.775 Default_action:pass:drop
2024-04-17 27.770
ID 55490
Created Apr 09, 2024
Updated Apr 17, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2020-27930
Known Exploited Yes
Exploit Prediction Score 0.19%
Default Action drop
Active
Affected OS MacOS, Other
Affected App Apple