Home

CVE-2020-9855

Description

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.5. A local attacker may be able to elevate their privileges.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.051

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.5Mac
Multiple vulnerabilities are fixed in macOS Catalina 10.15.5 Combo UpdateMac
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.5 (Deployment-Only)Mac
Multiple vulnerabilities are fixed in macOS Catalina 10.15.5 Combo Update (Deployment-Only)Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-602673MacOS Catalina 10.15.7 - Auto Reboot
PATCH-602674macOS Catalina 10.15.7 Combo Update - Auto Reboot
PATCH-602736MacOS Catalina 10.15.5 (Deployment-Only)
PATCH-602738macOS Catalina 10.15.5 Combo Update (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234