CVE-2020-29620

HIGH

macOS 10.14-10.14.5 and 11.0 - Privilege Escalation

Title source: llm

Description

This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to elevate privileges.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT212011

Scores

CVSS v3 7.8

EPSS 0.0065

EPSS Percentile 46.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-269

Status published

Products (4)

apple/mac_os_x 10.14.6 (11 CPE variants)

apple/mac_os_x 10.15.7 (2 CPE variants)

apple/mac_os_x 10.14 - 10.14.6

apple/macos 11.0 - 11.1.0

Published Apr 02, 2021

Tracked Since Feb 18, 2026