Sign-up

ID

VAR-202006-1634


CVE

CVE-2020-9841


TITLE

macOS Catalina Integer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-006156

DESCRIPTION

An integer overflow was addressed through improved input validation. This issue is fixed in macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. macOS Catalina Exists in an integer overflow vulnerability due to a flaw in input validation.Kernel privileges can be obtained and arbitrary code can be executed through the application. This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the SkyLight module. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. WindowServer is one of the application window display server components

Trust: 2.34

sources: NVD: CVE-2020-9841 // JVNDB: JVNDB-2020-006156 // ZDI: ZDI-20-683 // VULHUB: VHN-187966

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:ltversion:10.15.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.13.6

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.14.6

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.15.4

Trust: 0.8

vendor:applemodel:macosscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-20-683 // JVNDB: JVNDB-2020-006156 // NVD: CVE-2020-9841

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-9841
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-006156
value: HIGH

Trust: 0.8

ZDI: CVE-2020-9841
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-202005-1264
value: HIGH

Trust: 0.6

VULHUB: VHN-187966
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-9841
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-006156
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-187966
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-9841
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-006156
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-9841
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 1.8
impactScore: 3.4
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-683 // VULHUB: VHN-187966 // JVNDB: JVNDB-2020-006156 // CNNVD: CNNVD-202005-1264 // NVD: CVE-2020-9841

PROBLEMTYPE DATA

problemtype:CWE-190

Trust: 1.9

sources: VULHUB: VHN-187966 // JVNDB: JVNDB-2020-006156 // NVD: CVE-2020-9841

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202005-1264

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202005-1264

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-006156

PATCH
title:HT211170url:https://support.apple.com/en-us/HT211170
Trust: 0.8
title:HT211170url:https://support.apple.com/ja-jp/HT211170
Trust: 0.8
title: - url:https://support.apple.com/en-gb/HT211170
Trust: 0.7
title:Apple macOS Catalina WindowServer Fixes for component input validation error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121016
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-683 // 
            
            
            
            JVNDB: JVNDB-2020-006156 // 
            
            
            
            CNNVD: CNNVD-202005-1264

EXTERNAL IDS
db:NVDid:CVE-2020-9841
Trust: 3.2
db:ZDIid:ZDI-20-683
Trust: 1.3
db:JVNid:JVNVU98042162
Trust: 0.8
db:JVNDBid:JVNDB-2020-006156
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-10077
Trust: 0.7
db:CNNVDid:CNNVD-202005-1264
Trust: 0.7
db:AUSCERTid:ESB-2020.1859
Trust: 0.6
db:NSFOCUSid:48623
Trust: 0.6
db:CNVDid:CNVD-2020-31082
Trust: 0.1
db:VULHUBid:VHN-187966
Trust: 0.1
sources:
            
            
            ZDI: ZDI-20-683 // 
            
            
            
            VULHUB: VHN-187966 // 
            
            
            
            JVNDB: JVNDB-2020-006156 // 
            
            
            
            CNNVD: CNNVD-202005-1264 // 
            
            
            
            NVD: CVE-2020-9841

REFERENCES
url:https://support.apple.com/ht211170
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-9841
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9841
Trust: 0.8
url:http://jvn.jp/vu/jvnvu98042162/index.html
Trust: 0.8
url:https://support.apple.com/en-gb/ht211170
Trust: 0.7
url:http://www.nsfocus.net/vulndb/48623
Trust: 0.6
url:https://support.apple.com/en-us/ht211170
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.1859/
Trust: 0.6
url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-32343
Trust: 0.6
url:https://www.zerodayinitiative.com/advisories/zdi-20-683/
Trust: 0.6
url:https://support.apple.com/kb/ht211170
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-683 // 
            
            
            
            VULHUB: VHN-187966 // 
            
            
            
            JVNDB: JVNDB-2020-006156 // 
            
            
            
            CNNVD: CNNVD-202005-1264 // 
            
            
            
            NVD: CVE-2020-9841

CREDITS
ABC Research s.r.o.
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-683

SOURCES
db:ZDIid:ZDI-20-683
db:VULHUBid:VHN-187966
db:JVNDBid:JVNDB-2020-006156
db:CNNVDid:CNNVD-202005-1264
db:NVDid:CVE-2020-9841

LAST UPDATE DATE
2024-11-23T21:14:47.823000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-683date:2020-05-28T00:00:00
db:VULHUBid:VHN-187966date:2020-06-09T00:00:00
db:JVNDBid:JVNDB-2020-006156date:2020-07-02T00:00:00
db:CNNVDid:CNNVD-202005-1264date:2021-10-29T00:00:00
db:NVDid:CVE-2020-9841date:2024-11-21T05:41:22.977

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-683date:2020-05-28T00:00:00
db:VULHUBid:VHN-187966date:2020-06-09T00:00:00
db:JVNDBid:JVNDB-2020-006156date:2020-07-02T00:00:00
db:CNNVDid:CNNVD-202005-1264date:2020-05-26T00:00:00
db:NVDid:CVE-2020-9841date:2020-06-09T17:15:14.737