QwikSec

Security Database

CVE

CWE

Training

CVE-2020-9973

Published: Oct 27, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

Vendor	Product	Versions
Apple	macOS	affected `unspecified - < 10.15`
Apple	macOS	affected `unspecified - < 14.0`

References

https://support.apple.com/en-us/HT211849

x_refsource_MISC

https://support.apple.com/en-us/HT211850

x_refsource_MISC

https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1104

x_refsource_MISC

20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0

mailing-list

x_refsource_FULLDISC

20201115 APPLE-SA-2020-11-13-7 Additional information for APPLE-SA-2020-09-24-1 macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.