CVE-2020-9930

Description


An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A local user may be able to cause unexpected system termination or read kernel memory.

CvssV3 impact


BaseSeverity

HIGH

ConfidentialityImpact

HIGH

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

LOCAL

AvailabilityImpact

HIGH

IntegrityImpact

NONE

PrivilegesRequired

LOW

BaseScore

7.1

VectorString

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Version

3.1

UserInteraction

NONE

CvssV2 impact


AccessComplexity

LOW

ConfidentialityImpact

COMPLETE

AvailabilityImpact

COMPLETE

IntegrityImpact

NONE

BaseScore

6.6

VectorString

AV:L/AC:L/Au:N/C:C/I:N/A:C

Version

2.0

AccessVector

LOCAL

Authentication

NONE