{"vulnerability": "CVE-2020-27930", "sightings": [{"uuid": "183dce2e-4637-48a6-b576-f502b818f366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:17.000000Z"}, {"uuid": "4d444e71-e94f-4f89-a82c-019c23147118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "7cefebfd-3d3e-4d0d-856d-4d20161a85d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971146", "content": "", "creation_timestamp": "2024-12-24T20:24:56.007866Z"}, {"uuid": "13ec82a7-ac90-4d04-b25b-86a066268fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "seen", "source": "https://t.me/arpsyndicate/951", "content": "#ExploitObserverAlert\n\nCVE-2020-27930\n\nDESCRIPTION: Exploit Observer has 13 entries related to CVE-2020-27930. A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. Processing a maliciously crafted font may lead to arbitrary code execution.\n\nFIRST-EPSS: 0.001920000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-03T14:13:01.000000Z"}, {"uuid": "1b91ae57-d177-431c-b92b-c0f893eb2fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:47.000000Z"}, {"uuid": "b6ac5ebc-f823-44ef-b68f-1a99f6e8b6dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-27930", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=524", "content": "", "creation_timestamp": "2020-11-06T04:00:00.000000Z"}, {"uuid": "8040569f-2bca-456d-86ef-c8b9fe9c8320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-27930", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/apple-julkaisi-korjaavia-kriittisia-paivityksia-ios-laitteiden-0-paivahaavoihin", "content": "", "creation_timestamp": "2020-11-08T07:51:35.000000Z"}, {"uuid": "0fb259ea-1ff3-4d57-ad00-b5c8c50126bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-27930", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5e9a7a96-a30e-4d33-8fbf-e725edef43df", "content": "", "creation_timestamp": "2026-02-02T12:28:36.289816Z"}, {"uuid": "ad54108a-61be-4d00-8641-b38eef6158d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "exploited", "source": "https://t.me/true_secator/1121", "content": "\u200b\u200b\u041a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043b\u0442\u043e\u0440\u0430 \u043c\u0435\u0441\u044f\u0446\u0430 \u043d\u0430\u0437\u0430\u0434 Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 11 \u043e\u0448\u0438\u0431\u043e\u043a, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0430 \u0438 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE). \u0418 \u0432\u043e\u0442 \u043e\u043f\u044f\u0442\u044c, \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0435 \u0442\u0440\u0438 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0431\u043b\u043e\u0447\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445. \n\n\u0412\u0447\u0435\u0440\u0430 Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043e\u043a iOS, iPadOS \u0438 watchOS, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0442\u0440\u0438 \u043d\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 (!).\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442, \u043d\u043e \u043f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Google Project Zero, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u044b\u0440\u043a\u0438, \u044d\u0442\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n\n- CVE-2020-27930 - \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 FontParser, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE;\n- CVE-2020-27932 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- CVE-2020-27950 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u044f\u0434\u0440\u0430 \u041e\u0421.\n\n\u041e\u0447\u0435\u043d\u044c \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e  \u0434\u0430\u0441\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043f\u043e\u0434 \u0441\u0432\u043e\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c. \u0412\u0441\u0435\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f. \u041c\u044b \u0443\u0436\u0435.", "creation_timestamp": "2020-11-06T10:46:03.000000Z"}, {"uuid": "3b4b4638-9113-4af4-95b8-35104fe1b049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2943", "content": "In-the-Wild Series: October 2020 0-day discovery for Android, Windows, iOS devices\nhttps://googleprojectzero.blogspot.com/2021/03/in-wild-series-october-2020-0-day.html\nPoCs:\nCVE-2020-15999\u00a0- Chrome Freetype heap buffer overflow\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2103\nCVE-2020-17087\u00a0- Windows heap buffer overflow in cng.sys\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2104\nCVE-2020-16009\u00a0- Chrome type confusion in V8\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2106\nCVE-2020-16010/16011\u00a0- Chrome heap buffer overflow\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2112\nCVE-2020-27930\u00a0- Safari arbitrary stack read/write\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2105\nCVE-2020-27950\u00a0- iOS XNU kernel memory disclosure\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2108\nCVE-2020-27932\u00a0- iOS kernel type confusion\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2107", "creation_timestamp": "2022-06-03T18:52:35.000000Z"}, {"uuid": "e3529891-3908-4d89-98eb-177f4b8d0b7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "seen", "source": "https://t.me/arvin_club/2957", "content": "WARNING: Update your iOS devices now!\n\nApple releases emergency iOS update to patch 3 actively exploited 0-day vulnerabilities.\n\nRead details: https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html\n\n\u2705 CVE-2020-27930\n\u2705 CVE-2020-27932\n\u2705 CVE-2020-27950", "creation_timestamp": "2020-11-06T15:57:15.000000Z"}, {"uuid": "0a54f4c9-5be6-4b6e-bb6a-6a2dd8a197b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "exploited", "source": "https://t.me/thehackernews/892", "content": "WARNING: Update your iOS devices now!\n\nApple releases emergency iOS update to patch 3 actively exploited 0-day vulnerabilities.\n\nRead details: https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html\n\n\u2705 CVE-2020-27930\n\u2705 CVE-2020-27932\n\u2705 CVE-2020-27950", "creation_timestamp": "2020-11-06T09:06:43.000000Z"}, {"uuid": "b4164cf9-58ea-4a75-a2cc-d420e09a0443", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27930", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2643", "content": "#exploit\nApple CoreText libType1Scaler.dylib:\n\n1. CVE-2020-27943:\nHeap BoF in Counter Control Hints on macOS 10.15.7\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2114\n\n2. CVE-2020-27930:\nApple Safari RCE\nhttps://packetstormsecurity.com/files/161294/GS20210205162808.tgz\n\n3. CVE-2020-27946:\nMemory Disclosure\nhttps://packetstormsecurity.com/files/161297/Apple-CoreText-libType1Scaler.dylib-Memory-Disclosure.html", "creation_timestamp": "2024-10-09T19:19:19.000000Z"}]}