First published: Thu Nov 12 2020(Updated: )
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to determine kernel memory layout.
Credit: product-security@apple.com singi @theori Trend Micro Zero Day Initiativesingi @theori Trend Micro Zero Day Initiative
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Big Sur | <11.0.1 | 11.0.1 |
Apple Mac OS X | <11.0.1 | |
Apple Mac OS X | >=10.14<10.14.6 | |
Apple Mac OS X | >=10.15<10.15.7 | |
Apple Mac OS X | =10.14.6 | |
Apple Mac OS X | =10.14.6-security_update_2019-001 | |
Apple Mac OS X | =10.14.6-security_update_2019-002 | |
Apple Mac OS X | =10.14.6-security_update_2019-004 | |
Apple Mac OS X | =10.14.6-security_update_2019-005 | |
Apple Mac OS X | =10.14.6-security_update_2019-006 | |
Apple Mac OS X | =10.14.6-security_update_2019-007 | |
Apple Mac OS X | =10.14.6-security_update_2020-001 | |
Apple Mac OS X | =10.14.6-security_update_2020-002 | |
Apple Mac OS X | =10.14.6-security_update_2020-003 | |
Apple Mac OS X | =10.14.6-security_update_2020-004 | |
Apple Mac OS X | =10.14.6-security_update_2020-005 | |
Apple Mac OS X | =10.14.6-security_update_2020-006 | |
Apple Mac OS X | =10.15.7 | |
Apple Mac OS X | =10.15.7-security_update_2020 | |
Apple macOS Big Sur | <11.1 | 11.1 |
Apple Catalina | ||
Apple Mojave |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2020-10007 is a logic issue in Power Management that has been addressed with improved state management.
CVE-2020-10007 affects macOS Big Sur versions up to and exclusive of 11.0.1, and macOS Big Sur versions up to and exclusive of 11.1.
To fix CVE-2020-10007, update your macOS to version 11.0.1 or higher.
You can find more information about CVE-2020-10007 on the Apple support page: [Apple Support](https://support.apple.com/en-us/HT212011).