First published: Thu Nov 05 2020(Updated: )
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1, watchOS 7.1, tvOS 14.2. A local attacker may be able to elevate their privileges.
Credit: 08Tc3wBB ZecOps08Tc3wBB ZecOps08Tc3wBB ZecOps08Tc3wBB ZecOps product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple tvOS | <14.2 | 14.2 |
Apple watchOS | <7.1 | 7.1 |
Apple iOS | <14.2 | 14.2 |
Apple iPadOS | <14.2 | 14.2 |
Apple macOS Big Sur | <11.0.1 | 11.0.1 |
Apple iPadOS | <14.2 | |
Apple iPhone OS | <14.2 | |
Apple macOS | <11.0.1 | |
Apple tvOS | <14.2 | |
Apple watchOS | <7.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2020-27899 is a vulnerability in the Symptom Framework that allows for a use after free issue due to improper memory management.
CVE-2020-27899 affects Apple iOS up to version 14.2, Apple iPadOS up to version 14.2, Apple tvOS up to version 14.2, Apple macOS Big Sur up to version 11.0.1, and Apple watchOS up to version 7.1.
The severity of CVE-2020-27899 is not specified, but it is a use after free vulnerability that can lead to code execution or information disclosure.
To fix CVE-2020-27899, update your Apple devices to the latest available version of their respective operating systems.
You can find more information about CVE-2020-27899 on the official Apple support website.