Published: 08/12/2020 Updated: 09/01/2023

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x
apple tvos
apple iphone os
apple watchos
apple ipados

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 1101 <!--X-Subject-Header-End-- ...

CWE-59 https://support.apple.com/en-us/HT211929 https://support.apple.com/en-us/HT211928 https://support.apple.com/en-us/HT211931 https://support.apple.com/en-us/HT211930 http://seclists.org/fulldisclosure/2020/Dec/32 https://nvd.nist.gov http://seclists.org/fulldisclosure/2020/Dec/32

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-10003

Vulnerability Summary

Vulnerability Trend

Mailing Lists

References

Vulmon Search

About

Products

Connect