CVE-2020-13495: Buffer Overflow

Published Apr 18, 2022

Updated

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass mitigations and aid additional exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided file.

Affected Software

2 affected components

Pixar OpenUSD=20.05

Apple iOS and macOS=10.15.3

Event History

Apr 18, 2022

CVE Published

via MITRE·04:15 PM

Data Sourced

via MITRE·04:15 PM

DescriptionSeverityWeakness

Frequently Asked Questions

What is CVE-2020-13495?

CVE-2020-13495 is a vulnerability in Pixar OpenUSD 20.05 that allows for arbitrary out-of-bounds memory access and disclosure of sensitive information.

How does CVE-2020-13495 affect Pixar OpenUSD?

CVE-2020-13495 affects Pixar OpenUSD 20.05 by mishandling file offsets in binary USD files.

What is the severity of CVE-2020-13495?

The severity of CVE-2020-13495 is medium, with a CVSS score of 5.5.

Is CVE-2020-13495 exploitable on Apple Mac OS X 10.15.3?

No, CVE-2020-13495 is not exploitable on Apple Mac OS X 10.15.3.

How can CVE-2020-13495 be fixed?

To fix CVE-2020-13495, users should update to the latest version of Pixar OpenUSD 20.05.

CVE-2020-13495: Buffer Overflow

Affected Software

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is CVE-2020-13495?

How does CVE-2020-13495 affect Pixar OpenUSD?

What is the severity of CVE-2020-13495?

Is CVE-2020-13495 exploitable on Apple Mac OS X 10.15.3?

How can CVE-2020-13495 be fixed?

Company

Resources

Contact