Back to search
CVE-2020-10003
Published: Dec 8, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges.
| Vendor | Product | Versions |
|---|---|---|
Apple | watchOS | affected unspecified - < 7.1 |
Apple | iOS and iPadOS | affected unspecified - < 14.2 |
Apple | tvOS | affected unspecified - < 14.2 |
Apple | macOS | affected unspecified - < 11.0 |
References
https://support.apple.com/en-us/HT211931
x_refsource_MISC
https://support.apple.com/en-us/HT211928
x_refsource_MISC
https://support.apple.com/en-us/HT211929
x_refsource_MISC
https://support.apple.com/en-us/HT211930
x_refsource_MISC
20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now