5.5

CVE-2020-10009

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions.

Data is provided by the National Vulnerability Database (NVD)
ApplemacOS X Version < 11.0.1
ApplemacOS X Version >= 10.14 < 10.14.6
ApplemacOS X Version >= 10.15 < 10.15.7
ApplemacOS X Version10.14.6 Update-
ApplemacOS X Version10.14.6 Updatesecurity_update_2019-001
ApplemacOS X Version10.14.6 Updatesecurity_update_2019-002
ApplemacOS X Version10.14.6 Updatesecurity_update_2019-004
ApplemacOS X Version10.14.6 Updatesecurity_update_2019-005
ApplemacOS X Version10.14.6 Updatesecurity_update_2019-006
ApplemacOS X Version10.14.6 Updatesecurity_update_2019-007
ApplemacOS X Version10.14.6 Updatesecurity_update_2020-001
ApplemacOS X Version10.14.6 Updatesecurity_update_2020-002
ApplemacOS X Version10.14.6 Updatesecurity_update_2020-003
ApplemacOS X Version10.14.6 Updatesecurity_update_2020-004
ApplemacOS X Version10.14.6 Updatesecurity_update_2020-005
ApplemacOS X Version10.14.6 Updatesecurity_update_2020-006
ApplemacOS X Version10.15.7 Update-
ApplemacOS X Version10.15.7 Updatesecurity_update_2020
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.3% 0.53
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
http://seclists.org/fulldisclosure/2020/Dec/32
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2020/Dec/26
Third Party Advisory
Mailing List
https://support.apple.com/en-us/HT211931
Vendor Advisory
Release Notes