Sign-up

ID

VAR-202010-1329


CVE

CVE-2020-3915


TITLE

Apple macOS printtool Daemon Improper Input Validation Privilege Escalation Vulnerability

Trust: 0.7

sources: ZDI: ZDI-20-587

DESCRIPTION

A path handling issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to overwrite arbitrary files. This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the printtool daemon. The issue results from the lack of proper validation of printer icon data prior to further processing. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Printing is one of the printing components. A security vulnerability exists in the Printing component of Apple macOS Catalina prior to 10.15.4

Trust: 1.71

sources: NVD: CVE-2020-3915 // ZDI: ZDI-20-587 // VULHUB: VHN-182040 // VULMON: CVE-2020-3915

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:ltversion:10.15.4

Trust: 1.0

vendor:applemodel:macosscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-20-587 // NVD: CVE-2020-3915

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3915
value: HIGH

Trust: 1.0

ZDI: CVE-2020-3915
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202005-229
value: HIGH

Trust: 0.6

VULHUB: VHN-182040
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3915
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3915
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-182040
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3915
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ZDI: CVE-2020-3915
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-587 // VULHUB: VHN-182040 // VULMON: CVE-2020-3915 // CNNVD: CNNVD-202005-229 // NVD: CVE-2020-3915

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2020-3915

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202005-229

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202005-229

PATCH

title:Apple has issued an update to correct this vulnerability.url:https://support.apple.com/en-us/HT211100

Trust: 0.7

title:Apple macOS Catalina Printing Fixes for component security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117829

Trust: 0.6

sources: ZDI: ZDI-20-587 // CNNVD: CNNVD-202005-229

EXTERNAL IDS

db:NVDid:CVE-2020-3915

Trust: 2.5

db:ZDIid:ZDI-20-587

Trust: 1.3

db:ZDI_CANid:ZDI-CAN-9859

Trust: 0.7

db:CNNVDid:CNNVD-202005-229

Trust: 0.7

db:CNVDid:CNVD-2020-27110

Trust: 0.1

db:VULHUBid:VHN-182040

Trust: 0.1

db:VULMONid:CVE-2020-3915

Trust: 0.1

sources: ZDI: ZDI-20-587 // VULHUB: VHN-182040 // VULMON: CVE-2020-3915 // CNNVD: CNNVD-202005-229 // NVD: CVE-2020-3915

REFERENCES

url:https://support.apple.com/kb/ht211100

Trust: 1.8

url:https://support.apple.com/en-us/ht211100

Trust: 1.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-3915

Trust: 0.6

url:https://www.zerodayinitiative.com/advisories/zdi-20-587/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/181555

Trust: 0.1

sources: ZDI: ZDI-20-587 // VULHUB: VHN-182040 // VULMON: CVE-2020-3915 // CNNVD: CNNVD-202005-229 // NVD: CVE-2020-3915

CREDITS

HyungSeok Han (DaramG) @Theori

Trust: 0.7

sources: ZDI: ZDI-20-587

SOURCES

db:ZDIid:ZDI-20-587
db:VULHUBid:VHN-182040
db:VULMONid:CVE-2020-3915
db:CNNVDid:CNNVD-202005-229
db:NVDid:CVE-2020-3915

LAST UPDATE DATE

2024-11-23T23:07:47.948000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-20-587date:2020-05-06T00:00:00
db:VULHUBid:VHN-182040date:2020-10-30T00:00:00
db:VULMONid:CVE-2020-3915date:2020-10-30T00:00:00
db:CNNVDid:CNNVD-202005-229date:2021-10-29T00:00:00
db:NVDid:CVE-2020-3915date:2024-11-21T05:31:57.103

SOURCES RELEASE DATE

db:ZDIid:ZDI-20-587date:2020-05-06T00:00:00
db:VULHUBid:VHN-182040date:2020-10-22T00:00:00
db:VULMONid:CVE-2020-3915date:2020-10-22T00:00:00
db:CNNVDid:CNNVD-202005-229date:2020-05-06T00:00:00
db:NVDid:CVE-2020-3915date:2020-10-22T18:15:13.033