Apple macOS up to 11.0 Image Remote Code Execution

A vulnerability classified as critical was found in Apple macOS up to 11.0 (Operating System). Affected by this vulnerability is an unknown code of the component Image Handler. Upgrading to version 11.1 eliminates this vulnerability.

Field	04/03/2021 10:37 AM	04/08/2021 03:13 PM
vendor	Apple	Apple
name	macOS	macOS
version	<=11.0	<=11.0
component	Image Handler	Image Handler
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	R	R
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	L	L
cvss3_vuldb_rl	O	O
cvss3_vuldb_rc	C	C
identifier	HT212011	HT212011
url	https://support.apple.com/en-us/HT212011	https://support.apple.com/en-us/HT212011
name	Upgrade	Upgrade
upgrade_version	11.1	11.1
cve	CVE-2020-29625	CVE-2020-29625
date	1617400800 (04/03/2021)	1617400800 (04/03/2021)
type	Operating System	Operating System
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	P	P
cvss2_vuldb_rc	C	C
cvss2_vuldb_rl	OF	OF
cvss2_vuldb_e	ND	ND
cvss3_vuldb_e	X	X
cvss2_vuldb_basescore	7.5	7.5
cvss2_vuldb_tempscore	7.5	6.5
cvss3_vuldb_basescore	6.3	6.3
cvss3_vuldb_tempscore	6.3	6.0
cvss3_meta_basescore	6.3	6.3
cvss3_meta_tempscore	6.3	6.0
price_0day	$5k-$25k	$5k-$25k
price_trend	+	+
cve_assigned		1607382000
cve_nvd_summary		This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!