CVE-2020-13497: Buffer Overflow
Published Dec 2, 2020
·Updated
An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in String Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.
Affected Software
2 affected components
Pixar OpenUSD=20.05
macOS
Event History
Dec 2, 2020
CVE Published
via MITRE·05:30 PM
Data Sourced
via MITRE·05:30 PM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2020-13497?
The severity of CVE-2020-13497 is medium, with a CVSS score of 5.5.
2
What software is affected by CVE-2020-13497?
Pixar OpenUSD 20.05 is affected by CVE-2020-13497.
3
Is Apple macOS vulnerable to CVE-2020-13497?
No, Apple macOS is not vulnerable to CVE-2020-13497.
4
How can CVE-2020-13497 be exploited?
A specially crafted malformed file can trigger an arbitrary out of bounds memory access in String Type Index.
5
Are there any mitigations for CVE-2020-13497?
No specific mitigations are mentioned in the vulnerability report.