CVE-2020-3906: High severity macos catalina vulnerability

Q: What is the CVE ID for this vulnerability?

The CVE ID for this vulnerability is CVE-2020-3906.

Q: What software is affected by this vulnerability?

macOS Catalina version 10.15.4, Mojave, and High Sierra are affected by this vulnerability.

Q: What is the severity of CVE-2020-3906?

The severity of CVE-2020-3906 is not mentioned in the provided information.

Q: How can I fix this vulnerability?

Update macOS Catalina to version 10.15.5 or later to fix this vulnerability.

Q: Where can I find more information about this vulnerability?

You can find more information about this vulnerability on the Apple support website: https://support.apple.com/en-us/HT211100

Published Mar 24, 2020

Updated

TCC. A logic issue was addressed with improved restrictions.

Other sources

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.4. A maliciously crafted application may be able to bypass code signing enforcement.

Credit

Patrick Wardle(Jamf)

Affected Software

4 affected componentsFixes available

apple macOS Catalina<10.15.4

10.15.4

apple Mojave

apple High Sierra

Apple iOS and macOS<10.15.4

Event History

Apr 1, 2020

CVE Published

via MITRE·05:50 PM

Data Sourced

via MITRE·05:50 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT211100

Frequently Asked Questions

What is the CVE ID for this vulnerability?

The CVE ID for this vulnerability is CVE-2020-3906.

What software is affected by this vulnerability?

macOS Catalina version 10.15.4, Mojave, and High Sierra are affected by this vulnerability.

What is the severity of CVE-2020-3906?

The severity of CVE-2020-3906 is not mentioned in the provided information.

How can I fix this vulnerability?