CVE-2020-3866: Medium severity macos catalina vulnerability
autofs. This was addressed with additional checks by Gatekeeper on files mounted through a network share.
Other sources
This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Catalina 10.15.3. Searching for and opening a file from an attacker controlled NFS mount may bypass Gatekeeper.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-3877
- CVE-2019-11043
- CVE-2020-3857
- CVE-2020-3866
- CVE-2020-3848
- CVE-2020-3849
- CVE-2020-3850
- CVE-2020-3847
- CVE-2020-3835
- CVE-2020-3863
- CVE-2020-9774
- CVE-2020-3827
- CVE-2020-3826
- CVE-2020-3870
- CVE-2020-3878
- CVE-2020-3880
- CVE-2020-3845
- CVE-2020-3837
- CVE-2020-3851
- CVE-2020-3840
- CVE-2020-3875
- CVE-2020-3872
- CVE-2020-3853
- CVE-2020-3836
- CVE-2020-3842
- CVE-2020-3871
- CVE-2020-3846
- CVE-2020-3856
- CVE-2020-3829
- CVE-2020-3830
- CVE-2020-3854
- CVE-2019-18634
- CVE-2020-3855
- CVE-2020-3839
- CVE-2020-3843
- CVE-2020-3838
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-3866.
What software is affected by this vulnerability?
This vulnerability affects Apple macOS Catalina versions up to and including 10.15.3, Apple Mojave, and Apple High Sierra.
What was addressed to fix this vulnerability?
This vulnerability was addressed with additional checks by Gatekeeper on files mounted through a network share.
Which version of macOS Catalina includes the fix for this vulnerability?
The fix for this vulnerability is included in macOS Catalina version 10.15.3.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability at the following reference: [Apple - About the security content of macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra](https://support.apple.com/en-us/HT210919)