CVE-2020-3877

HIGH

macOS <10.15.3 - RCE

Title source: llm
STIX 2.1

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3, watchOS 6.1.2. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

References (2)

Core 2
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/HT210919
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/HT210921

Scores

CVSS v3 7.5
EPSS 0.0115
EPSS Percentile 78.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-125
Status published
Products (2)
apple/mac_os_x < 10.15.3
apple/watchos < 6.1.2
Published Feb 27, 2020
Tracked Since Feb 18, 2026