CVE-2020-27898

MEDIUM

Apple Macos < 11.0.1 - Denial of Service

Title source: rule

Description

A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1. An attacker may be able to bypass Managed Frame Protection.

References (4)

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2020/Dec/26

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2020/Dec/32

[Vendor Advisory] https://support.apple.com/en-us/HT211931

[Vendor Advisory] https://support.apple.com/kb/HT212011

Scores

CVSS v3 5.5

EPSS 0.0016

EPSS Percentile 36.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Classification

CWE

CWE-252

Status published

Affected Products (1)

apple/macos < 11.0.1

Timeline

Published Dec 08, 2020

Tracked Since Feb 18, 2026