CVE-2020-27948

Summary

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOSunspecified < 14.3affected
AppletvOSunspecified < 14.3affected
ApplewatchOSunspecified < 7.2affected
ApplemacOSunspecified < 11.1affected

Weaknesses

  • Processing a maliciously crafted audio file may lead to arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

References