Details of VAR-202109-0171

ID

VAR-202109-0171

CVE

CVE-2020-27942

TITLE

Apple Mac OS X Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-013514

DESCRIPTION

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Processing a maliciously crafted font file may lead to arbitrary code execution. Apple Mac OS X Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Information about the security content is also available at https://support.apple.com/HT212327. APFS Available for: macOS Mojave Impact: A local user may be able to read arbitrary files Description: The issue was addressed with improved permissions logic. CVE-2021-1797: Thomas Tempelmann Audio Available for: macOS Mojave Impact: An application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab CFNetwork Available for: macOS Mojave Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1857: an anonymous researcher CoreAudio Available for: macOS Mojave Impact: A malicious application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab CoreGraphics Available for: macOS Mojave Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2021-1847: Xuwei Liu of Purdue University CoreText Available for: macOS Mojave Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: A logic issue was addressed with improved state management. CVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab curl Available for: macOS Mojave Impact: A remote attacker may be able to cause a denial of service Description: A buffer overflow was addressed with improved input validation. CVE-2020-8285: xnynx curl Available for: macOS Mojave Impact: An attacker may provide a fraudulent OCSP response that would appear valid Description: This issue was addressed with improved checks. CVE-2020-8286: an anonymous researcher DiskArbitration Available for: macOS Mojave Impact: A malicious application may be able to modify protected parts of the file system Description: A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks. CVE-2021-1881: Hou JingYi (@hjy79425575) of Qihoo 360, an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, and Mickey Jin of Trend Micro FontParser Available for: macOS Mojave Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2020-27942: an anonymous researcher Foundation Available for: macOS Mojave Impact: A malicious application may be able to gain root privileges Description: A validation issue was addressed with improved logic. CVE-2021-1843: Ye Zhang of Baidu Security Intel Graphics Driver Available for: macOS Mojave Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-1805: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Intel Graphics Driver Available for: macOS Mojave Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with additional validation. CVE-2021-1806: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Intel Graphics Driver Available for: macOS Mojave Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1834: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Kernel Available for: macOS Mojave Impact: A malicious application may be able to disclose kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1851: @0xalsr Kernel Available for: macOS Mojave Impact: A local attacker may be able to elevate their privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021-1840: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab libxpc Available for: macOS Mojave Impact: A malicious application may be able to gain root privileges Description: A race condition was addressed with additional validation. CVE-2021-30652: James Hutchins libxslt Available for: macOS Mojave Impact: Processing a maliciously crafted file may lead to heap corruption Description: A double free issue was addressed with improved memory management. CVE-2021-1876: Matthew Denton of Google Chrome Preferences Available for: macOS Mojave Impact: A local user may be able to modify protected parts of the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) smbx Available for: macOS Mojave Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An integer overflow was addressed with improved input validation. CVE-2021-1868: Tim Michaud of Zoom Communications tcpdump Available for: macOS Mojave Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-8037: an anonymous researcher Time Machine Available for: macOS Mojave Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved permissions logic. CVE-2021-1839: Tim Michaud(@TimGMichaud) of Zoom Video Communications and Gary Nield of ECSC Group plc Wi-Fi Available for: macOS Mojave Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1828: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab wifivelocityd Available for: macOS Mojave Impact: An application may be able to execute arbitrary code with system privileges Description: The issue was addressed with improved permissions logic. CVE-2020-3838: Dayton Pidhirney (@_watbulb) Windows Server Available for: macOS Mojave Impact: A malicious application may be able to unexpectedly leak a user's credentials from secure text fields Description: An API issue in Accessibility TCC permissions was addressed with improved state management. CVE-2021-1873: an anonymous researcher Installation note: This update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCHO2EACgkQZcsbuWJ6 jjBHBhAAmHYbcREaaxOXQwrb56He+ool1GyXUCGknHRnEO6Ik0nyE/GeUPuv8Y/Q /ywr188mv3ehtjFlXWpHtqwOn0KoNlAlcE+jy9r3QGTxNmBM2z30FeC0wiYYEi7s I5xWkZIcnO1jq2CMGVHHfbLhyLnkWblwWvCOWriCRzbTocEWgEqwrh/uguTVRWB4 oVo8+uHcdiS2gqS0LIMbbvP6SGkfPwVlL8Mr/e96xdditiRbZX01GkAm0l5ezYHt xrs8378fmQK3su4dHrkHpFpTmT3Yib8Jtotat8cgu6lWxLGEFR5kOye4QIjFCl/a UhnR52nlMyYlh4anbqUs7PAh2QDVa3scaRfGTdAogPfaZIAhaaiuj8qXUOsAxEhk rf0TOXmgCDfhuaA08Ys43sgUgunPLOa2+jMT4VspLZxDTkWLDrGFjlM4P5643WrT ITAKLoqq8SOhce6gd3VECvG+EK/fBWrdwzsVDzfxU3yW3kSCKxX25KcRePwJZAAu s1ZZpIZdY7rmi1DwafNSig2dncjUZJy6AhiI5w6cpQzBOQVioU8oac2JDi1X2Rn1 k/D3VQfmYas7HGqUSwx3MUx+yybktm+8Ogo+vtcRKCzUF5t13bwpyAda0mJ62c6L I/ISWomRdC4XX3AQL5EJLzO9slpOBqWsbQb0cULdt+mb4H+nLDE= =NZ77 -----END PGP SIGNATURE-----

Trust: 2.43

sources: NVD: CVE-2020-27942 // JVNDB: JVNDB-2021-013514 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2020-27942 // PACKETSTORM: 162360 // PACKETSTORM: 162362

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.14	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.15	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lte	version:	10.15.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lte	version:	10.14.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.14.6	Trust: 1.0
vendor:	アップル	model:	apple mac os x	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	-	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	10.14.6	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	10.14 to 10.14.5	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	10.15.6	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	10.15.7	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	10.15 to 10.15.5	Trust: 0.8

sources: JVNDB: JVNDB-2021-013514 // NVD: CVE-2020-27942

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-27942
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-27942
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202104-1983
value:	HIGH
Trust: 0.6
VULHUB:	VHN-372053
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-27942
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-372053
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-27942
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2020-27942
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-372053 // JVNDB: JVNDB-2021-013514 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-1983 // NVD: CVE-2020-27942

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-013514 // NVD: CVE-2020-27942

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202104-1983

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:	HT212326 Apple Security update	url:	https://support.apple.com/en-us/HT212326	Trust: 0.8
title:	Apple macOS Repair measures for the competition condition problem loophole	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148660	Trust: 0.6

sources: JVNDB: JVNDB-2021-013514 // CNNVD: CNNVD-202104-1983

EXTERNAL IDS

db:	NVD	id:	CVE-2020-27942	Trust: 3.6
db:	PACKETSTORM	id:	162360	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-013514	Trust: 0.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021042704	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1416	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-1983	Trust: 0.6
db:	PACKETSTORM	id:	162362	Trust: 0.2
db:	VULHUB	id:	VHN-372053	Trust: 0.1
db:	VULMON	id:	CVE-2020-27942	Trust: 0.1

sources: VULHUB: VHN-372053 // VULMON: CVE-2020-27942 // JVNDB: JVNDB-2021-013514 // PACKETSTORM: 162360 // PACKETSTORM: 162362 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-1983 // NVD: CVE-2020-27942

REFERENCES

url:	https://support.apple.com/en-us/ht212326	Trust: 1.7
url:	https://support.apple.com/en-us/ht212327	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27942	Trust: 1.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://packetstormsecurity.com/files/162360/apple-security-advisory-2021-04-26-3.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042704	Trust: 0.6
url:	https://support.apple.com/en-us/ht211931	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1416	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1860	Trust: 0.2
url:	https://support.apple.com/kb/ht201222	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1857	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1813	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1840	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1876	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1739	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1851	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1828	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1809	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1875	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8037	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1784	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1847	Trust: 0.2
url:	https://support.apple.com/downloads/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1843	Trust: 0.2
url:	https://www.apple.com/support/security/pgp/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1811	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1839	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3838	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1797	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8285	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1834	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1873	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8286	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1808	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1868	Trust: 0.2
url:	http://seclists.org/fulldisclosure/2021/apr/54	Trust: 0.1
url:	https://support.apple.com/ht212326.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1810	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1824	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1740	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1878	Trust: 0.1
url:	https://support.apple.com/ht212327.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1806	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1805	Trust: 0.1

CREDITS

Apple

Trust: 0.8

sources: PACKETSTORM: 162360 // PACKETSTORM: 162362 // CNNVD: CNNVD-202104-1983

SOURCES

db:	VULHUB	id:	VHN-372053
db:	VULMON	id:	CVE-2020-27942
db:	JVNDB	id:	JVNDB-2021-013514
db:	PACKETSTORM	id:	162360
db:	PACKETSTORM	id:	162362
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202104-1983
db:	NVD	id:	CVE-2020-27942

LAST UPDATE DATE

2024-08-14T13:16:44.781000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-372053	date:	2021-09-15T00:00:00
db:	JVNDB	id:	JVNDB-2021-013514	date:	2022-09-14T09:12:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202104-1983	date:	2021-10-29T00:00:00
db:	NVD	id:	CVE-2020-27942	date:	2021-09-15T12:43:45.953

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-372053	date:	2021-09-08T00:00:00
db:	JVNDB	id:	JVNDB-2021-013514	date:	2022-09-14T00:00:00
db:	PACKETSTORM	id:	162360	date:	2021-04-28T14:58:36
db:	PACKETSTORM	id:	162362	date:	2021-04-28T15:00:23
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202104-1983	date:	2021-04-27T00:00:00
db:	NVD	id:	CVE-2020-27942	date:	2021-09-08T15:15:09.050