CVE-2020-29624 Information
Jun 07, 2022
cve
Description
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2 macOS Big Sur 11.1 Security Update 2020-001 Catalina Security Update 2020-007 Mojave iOS 14.3 and iPadOS 14.3 tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Reference
https://support.apple.com/en-us/HT212003 https://support.apple.com/en-us/HT212011 https://support.apple.com/en-us/HT212009 https://support.apple.com/en-us/HT212005
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.8
Share on: