CyberSec.Space Logo
Back to CVE Browser

CVE-2020-27950

Known Exploited (CISA KEV)MEDIUM
5.5
CVSS Severity Score
EPSS Score72.9130%
EPSS Percentile91.68th
PublishedDec 8, 2020
Last ModifiedOct 27, 2025

Vulnerability Description

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory.

Affected Platforms (CPE)

πŸ’»
Apple

Ipados

< 14.2
πŸ’»
Apple

Iphone Os

< 12.4.9
πŸ’»
Apple

Iphone Os

>= 14.0 and < 14.2
πŸ’»
Apple

Macos

< 10.15.7
πŸ’»
Apple

Macos

>= 11.0 and < 11.0.1
πŸ’»
Apple

Watchos

< 5.3.9
πŸ’»
Apple

Watchos

>= 6.0 and < 6.2.9
πŸ’»
Apple

Watchos

>= 7.0 and < 7.1

References & Advisories

πŸ”— http://packetstormsecurity.com/files/161296/XNU-Kernel-Mach-Message-Trailers-Memory-Disclosure.html
πŸ”— http://seclists.org/fulldisclosure/2020/Dec/32
πŸ”— https://support.apple.com/en-us/HT211928
πŸ”— https://support.apple.com/en-us/HT211929
πŸ”— https://support.apple.com/en-us/HT211931
πŸ”— https://support.apple.com/en-us/HT211940
πŸ”— https://support.apple.com/en-us/HT211944
πŸ”— https://support.apple.com/en-us/HT211945

Related Vulnerabilities

CVE-2019-877910.0

A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions...

CVE-2020-39109.8

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....

CVE-2020-39099.8

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....

CVE-2020-39119.8

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....