CVE-2020-9824: High severity macos catalina vulnerability

Q: What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2020-9824.

Q: What is the title of this vulnerability?

The title of this vulnerability is SIP. A logic issue was addressed with improved restrictions.

Q: What software is affected by this vulnerability?

The affected software includes Apple macOS Catalina (up to version 10.15.5), Apple Mojave, and Apple High Sierra.

Q: How can I fix this vulnerability?

To fix this vulnerability, update your macOS to version 10.15.5 or later.

Q: Where can I find more information about this vulnerability?

You can find more information about this vulnerability on Apple's support website: https://support.apple.com/en-us/HT211170.

Published May 26, 2020

Updated

SIP. A logic issue was addressed with improved restrictions.

Other sources

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.5. A non-privileged user may be able to modify restricted network settings.

Credit

@@jamestraynor, Csaba Fitzl@@theevilbit(Offensive Security)

Affected Software

4 affected componentsFixes available

apple macOS Catalina<10.15.5

10.15.5

apple Mojave

apple High Sierra

Apple iOS and macOS<10.15.5

Event History

Jun 9, 2020

CVE Published

via MITRE·04:14 PM

Data Sourced

via MITRE·04:14 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT211170

Frequently Asked Questions

What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2020-9824.

What is the title of this vulnerability?

The title of this vulnerability is SIP. A logic issue was addressed with improved restrictions.

What software is affected by this vulnerability?

The affected software includes Apple macOS Catalina (up to version 10.15.5), Apple Mojave, and Apple High Sierra.

How can I fix this vulnerability?