CVE-2020-13498: Medium severity pixar openusd vulnerability

Published Dec 2, 2020

Updated

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.

Affected Software

2 affected components

Pixar OpenUSD=20.05

macOS

Event History

Dec 2, 2020

CVE Published

via MITRE·05:30 PM

Data Sourced

via MITRE·05:30 PM

DescriptionSeverityWeakness

Frequently Asked Questions

What is CVE-2020-13498?

CVE-2020-13498 is a vulnerability that exists in Pixar OpenUSD 20.05 and can be triggered by parsing certain encoded types.

How severe is CVE-2020-13498?

CVE-2020-13498 has a severity rating of medium with a score of 5.5.

What is the affected software of CVE-2020-13498?

The affected software is Pixar OpenUSD 20.05.

How can CVE-2020-13498 be exploited?

CVE-2020-13498 can be exploited by using a specially crafted malformed file to trigger an arbitrary out of bounds memory access, leading to potential information disclosure.

Is Apple macOS vulnerable to CVE-2020-13498?

No, Apple macOS is not vulnerable to CVE-2020-13498.

CVE-2020-13498: Medium severity pixar openusd vulnerability

Affected Software

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is CVE-2020-13498?

How severe is CVE-2020-13498?

What is the affected software of CVE-2020-13498?

How can CVE-2020-13498 be exploited?

Is Apple macOS vulnerable to CVE-2020-13498?

Company

Resources

Contact