CVE-2020-3854: Critical severity macos catalina vulnerability
Published Jan 28, 2020
·Updated
Security. A logic issue was addressed with improved restrictions.
Other sources
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with system privileges.
Credit
Jakob Rieck@@0xdead10cc, Maximilian Blochberger(the Security in Distributed Systems Group of University of Hamburg)
Affected Software
4 affected componentsFixes available
apple macOS Catalina<10.15.3
10.15.3
apple Mojave
apple High Sierra
Apple iOS and macOS<10.15.3
Event History
Feb 27, 2020
CVE Published
via MITRE·08:45 PM
Data Sourced
via MITRE·08:45 PM
DescriptionWeakness
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-3877
- CVE-2019-11043
- CVE-2020-3857
- CVE-2020-3866
- CVE-2020-3848
- CVE-2020-3849
- CVE-2020-3850
- CVE-2020-3847
- CVE-2020-3835
- CVE-2020-3863
- CVE-2020-9774
- CVE-2020-3827
- CVE-2020-3826
- CVE-2020-3870
- CVE-2020-3878
- CVE-2020-3880
- CVE-2020-3845
- CVE-2020-3837
- CVE-2020-3851
- CVE-2020-3840
- CVE-2020-3875
- CVE-2020-3872
- CVE-2020-3853
- CVE-2020-3836
- CVE-2020-3842
- CVE-2020-3871
- CVE-2020-3846
- CVE-2020-3856
- CVE-2020-3829
- CVE-2020-3830
- CVE-2020-3854
- CVE-2019-18634
- CVE-2020-3855
- CVE-2020-3839
- CVE-2020-3843
- CVE-2020-3838
Frequently Asked Questions
1
What is CVE-2020-3854?
CVE-2020-3854 is a logic issue vulnerability that was addressed with improved restrictions.
2
What software is affected by CVE-2020-3854?
CVE-2020-3854 affects macOS Catalina (version up to 10.15.3), Mojave, and High Sierra.
3
How can I fix CVE-2020-3854?
To fix CVE-2020-3854, update your macOS to version 10.15.3 or apply the necessary security updates from Apple.
4
Where can I find more information about CVE-2020-3854?
You can find more information about CVE-2020-3854 on Apple's support page: https://support.apple.com/en-us/HT210919