CVE-2020-3881: Medium severity macos catalina vulnerability

Q: What is CVE-2020-3881?

CVE-2020-3881 is a logic issue in FaceTime that has been addressed with improved state management.

Q: What software is affected by CVE-2020-3881?

CVE-2020-3881 affects the following software versions: macOS Catalina 10.15.4 (and up to exclusive), Mojave, and High Sierra.

Q: How severe is CVE-2020-3881?

The severity of CVE-2020-3881 is not specified.

Q: How can I fix CVE-2020-3881?

To fix CVE-2020-3881, upgrade to the latest version (or at least macOS Catalina 10.15.4) for affected software.

Q: Where can I find more information about CVE-2020-3881?

You can find more information about CVE-2020-3881 on the Apple support website.

Published Mar 24, 2020

Updated

FaceTime. A logic issue was addressed with improved state management.

Other sources

A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to view sensitive user information.

Credit

Yuval Ron, Amichai Shulman, Eli Biham(Technion)

Affected Software

4 affected componentsFixes available

apple macOS Catalina<10.15.4

10.15.4

apple Mojave

apple High Sierra

Apple iOS and macOS<10.15.4

Event History

Apr 1, 2020

CVE Published

via MITRE·05:21 PM

Data Sourced

via MITRE·05:21 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT211100

Frequently Asked Questions

What is CVE-2020-3881?

CVE-2020-3881 is a logic issue in FaceTime that has been addressed with improved state management.

What software is affected by CVE-2020-3881?

CVE-2020-3881 affects the following software versions: macOS Catalina 10.15.4 (and up to exclusive), Mojave, and High Sierra.

How severe is CVE-2020-3881?

The severity of CVE-2020-3881 is not specified.

How can I fix CVE-2020-3881?