CVE-2020-9855: Input Validation
Find My. A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.
Other sources
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.5. A local attacker may be able to elevate their privileges.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-9827
- CVE-2020-9772
- CVE-2020-9826
- CVE-2020-9842
- CVE-2020-9804
- CVE-2020-9815
- CVE-2020-9791
- CVE-2020-9831
- CVE-2020-9779
- CVE-2020-3882
- CVE-2020-9828
- CVE-2020-9856
- CVE-2020-9847
- CVE-2020-9855
- CVE-2020-9816
- CVE-2020-3878
- CVE-2020-9789
- CVE-2020-9790
- CVE-2020-9822
- CVE-2020-9796
- CVE-2020-9837
- CVE-2020-9821
- CVE-2020-9797
- CVE-2020-9852
- CVE-2020-9795
- CVE-2020-9808
- CVE-2020-9811
- CVE-2020-9812
- CVE-2020-9813
- CVE-2020-9814
- CVE-2020-9809
- CVE-2019-14868
- CVE-2020-9994
- CVE-2020-9857
- CVE-2020-9817
- CVE-2020-9851
- CVE-2020-9793
- CVE-2014-9512
- CVE-2020-9825
- CVE-2020-9771
- CVE-2020-9788
- CVE-2020-9854
- CVE-2020-9824
- CVE-2020-9810
- CVE-2020-9794
- CVE-2020-9839
- CVE-2020-9792
- CVE-2020-9844
- CVE-2020-9830
- CVE-2020-9834
- CVE-2020-9833
- CVE-2020-9832
- CVE-2020-9841
- CVE-2019-20044
Frequently Asked Questions
What is CVE-2020-9855?
CVE-2020-9855 is a vulnerability that existed in the handling of symlinks in Find My.
What is the severity of CVE-2020-9855?
The severity of CVE-2020-9855 has not been specified.
How does CVE-2020-9855 affect macOS Catalina?
CVE-2020-9855 affects macOS Catalina 10.15.5 with improved validation of symlinks.
Is Apple Mojave affected by CVE-2020-9855?
Yes, Apple Mojave is affected by CVE-2020-9855.
How can I fix CVE-2020-9855?
To fix CVE-2020-9855, update to the latest version of macOS Catalina as mentioned in Apple's security advisory.