CVE-2020-27898 - A denial of service issue was addressed with improved state handling. This issue is fixed in macOS B

CVE-2020-27898

Summary

A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1. An attacker may be able to bypass Managed Frame Protection.

References

http://seclists.org/fulldisclosure/2020/Dec/26
http://seclists.org/fulldisclosure/2020/Dec/32
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT212011

Vulnerable Configurations

cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 11-03-2021 - 16:25)
Impact:
Exploitability:

CWE

CWE-252

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:P/A:N

refmap via4

confirm	https://support.apple.com/kb/HT212011
fulldisc	20201215 APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave 20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1
misc	https://support.apple.com/en-us/HT211931

Last major update

11-03-2021 - 16:25

Published

08-12-2020 - 21:15

Last modified

11-03-2021 - 16:25