What is CVE-2020-36615?

CVE-2020-36615 is a vulnerability in the FontParser component of macOS Big Sur.

What is the severity of CVE-2020-36615?

CVE-2020-36615 has a severity rating of 7.8, which is considered high.

How does CVE-2020-36615 affect macOS Big Sur?

CVE-2020-36615 can lead to arbitrary code execution if a maliciously crafted font is processed.

How is CVE-2020-36615 fixed?

CVE-2020-36615 is fixed in macOS Big Sur 11.0.1 with improved bounds checking.

Where can I find more information about CVE-2020-36615?

You can find more information about CVE-2020-36615 in the Apple Support article linked here: [link](https://support.apple.com/en-us/HT211931).

Vulnerability/
CVE-2020-36615

high

7.8

CWE

125

12/11/2020

14/8/2023

8/10/2024

CVE-2020-36615

First published: Thu Nov 12 2020(Updated: )

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution.

Credit: product-security@apple.com product-security@apple.com Peter Nguyen Hoang Vu @peternguyen14 STAR Labs

Affected Software	Affected Version	How to fix
Apple macOS	<11.0.1
Apple macOS	<11.0.1	11.0.1

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT211931 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

HT211931

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2020-27914
CVE-2020-27915
CVE-2020-27903
CVE-2020-27910
CVE-2020-27916
CVE-2020-9943
CVE-2020-9944
CVE-2020-27906
CVE-2020-27945
CVE-2020-27908
CVE-2020-27909
CVE-2020-9960
CVE-2020-10017
CVE-2020-9949
CVE-2020-9897
CVE-2020-9883
CVE-2020-10003
CVE-2020-27922
CVE-2020-9999
CVE-2020-27937
CVE-2020-9965
CVE-2020-9966
CVE-2020-27894
CVE-2020-36615
CVE-2021-1790
CVE-2021-1775
CVE-2020-29629
CVE-2020-27942
CVE-2020-9962
CVE-2020-27952
CVE-2020-9956
CVE-2020-27931
CVE-2020-27930
CVE-2020-27927
CVE-2020-29639
CVE-2020-10002
CVE-2020-9978
CVE-2020-9955
CVE-2020-27924
CVE-2020-27912
CVE-2020-27923
CVE-2020-9876
CVE-2020-10015
CVE-2020-27897
CVE-2020-27907
CVE-2020-27919
CVE-2020-9967
CVE-2020-9975
CVE-2020-27921
CVE-2020-27904
CVE-2019-14899
CVE-2020-27950
CVE-2020-9974
CVE-2020-10016
CVE-2020-27932
CVE-2020-27917
CVE-2020-27920
CVE-2020-27911
CVE-2020-9971
CVE-2020-10014
CVE-2020-10010
CVE-2020-9941
CVE-2020-9988
CVE-2020-9989
CVE-2020-10011
CVE-2020-13524
CVE-2020-10004
CVE-2020-9996
CVE-2020-27901
CVE-2020-27900
CVE-2019-20838
CVE-2020-14155
CVE-2020-10007
CVE-2020-27896
CVE-2020-9963
CVE-2020-10012
CVE-2020-10663
CVE-2020-9945
CVE-2020-9977
CVE-2020-9942
CVE-2020-9987
CVE-2021-1803
CVE-2020-9969
CVE-2020-27893
CVE-2021-1755
CVE-2020-10005
CVE-2020-9991
CVE-2020-9849
CVE-2020-15358
CVE-2020-13631
CVE-2020-13434
CVE-2020-13435
CVE-2020-13630
CVE-2020-27899
CVE-2020-10009
CVE-2020-10008
CVE-2020-27918
CVE-2020-9947
CVE-2020-9950
CVE-2020-27898
CVE-2020-27935
CVE-2020-10006

Frequently Asked Questions

What is CVE-2020-36615?
CVE-2020-36615 is a vulnerability in the FontParser component of macOS Big Sur.
What is the severity of CVE-2020-36615?
CVE-2020-36615 has a severity rating of 7.8, which is considered high.
How does CVE-2020-36615 affect macOS Big Sur?
CVE-2020-36615 can lead to arbitrary code execution if a maliciously crafted font is processed.
How is CVE-2020-36615 fixed?
CVE-2020-36615 is fixed in macOS Big Sur 11.0.1 with improved bounds checking.
Where can I find more information about CVE-2020-36615?
You can find more information about CVE-2020-36615 in the Apple Support article linked here: [link](https://support.apple.com/en-us/HT211931).

agent/type
agent/first-publish-date
agent/severity
agent/weakness
agent/author
agent/references
agent/description
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
collector/nvd-api
agent/software-canonical-lookup-request
collector/nvd-index
collector/apple-support
agent/tags
agent/softwarecombine
agent/source
vendor/apple
canonical/apple macos