{"vulnerability": "CVE-2020-27932", "sightings": [{"uuid": "bba77f68-35fa-422a-ab69-9ec04870c921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:17.000000Z"}, {"uuid": "ff874acb-d16f-42a5-8913-fe9f27a974ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "aceef011-42f9-46b4-8dfd-745930da4927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971143", "content": "", "creation_timestamp": "2024-12-24T20:24:53.472250Z"}, {"uuid": "85558b4b-93ac-41f8-9e8b-a43599c87c5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "exploited", "source": "https://t.me/thehackernews/892", "content": "WARNING: Update your iOS devices now!\n\nApple releases emergency iOS update to patch 3 actively exploited 0-day vulnerabilities.\n\nRead details: https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html\n\n\u2705 CVE-2020-27930\n\u2705 CVE-2020-27932\n\u2705 CVE-2020-27950", "creation_timestamp": "2020-11-06T09:06:43.000000Z"}, {"uuid": "210a2900-90b8-43f7-a48d-8a374648702a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/apple-julkaisi-korjaavia-kriittisia-paivityksia-ios-laitteiden-0-paivahaavoihin", "content": "", "creation_timestamp": "2020-11-08T07:51:35.000000Z"}, {"uuid": "55dd13f2-2f0c-482d-b7ef-7de5fd1996a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-27932", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fdc1a843-531a-47ca-bb86-3b1549345377", "content": "", "creation_timestamp": "2026-02-02T12:28:36.637359Z"}, {"uuid": "f4c80247-62a1-42c5-b500-1b8321f2bd48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "https://t.me/androidMalware/1128", "content": "CVE-2020-27932: iOS Kernel privesc with turnstiles \nhttps://googleprojectzero.blogspot.com/p/rca-cve-2020-27932.html", "creation_timestamp": "2022-02-27T23:15:42.000000Z"}, {"uuid": "b9368e06-460d-4c62-ad89-542efddd0b2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:47.000000Z"}, {"uuid": "902c7cd8-22cf-4148-9038-1158e44c8653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=524", "content": "", "creation_timestamp": "2020-11-06T04:00:00.000000Z"}, {"uuid": "dc9e9b6f-f9c3-4b4a-86fd-eeb9508d7b20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "exploited", "source": "https://t.me/true_secator/1121", "content": "\u200b\u200b\u041a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043b\u0442\u043e\u0440\u0430 \u043c\u0435\u0441\u044f\u0446\u0430 \u043d\u0430\u0437\u0430\u0434 Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 11 \u043e\u0448\u0438\u0431\u043e\u043a, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0430 \u0438 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE). \u0418 \u0432\u043e\u0442 \u043e\u043f\u044f\u0442\u044c, \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0435 \u0442\u0440\u0438 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0431\u043b\u043e\u0447\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445. \n\n\u0412\u0447\u0435\u0440\u0430 Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043e\u043a iOS, iPadOS \u0438 watchOS, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0442\u0440\u0438 \u043d\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 (!).\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442, \u043d\u043e \u043f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Google Project Zero, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u044b\u0440\u043a\u0438, \u044d\u0442\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n\n- CVE-2020-27930 - \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 FontParser, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE;\n- CVE-2020-27932 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- CVE-2020-27950 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u044f\u0434\u0440\u0430 \u041e\u0421.\n\n\u041e\u0447\u0435\u043d\u044c \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e  \u0434\u0430\u0441\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043f\u043e\u0434 \u0441\u0432\u043e\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c. \u0412\u0441\u0435\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f. \u041c\u044b \u0443\u0436\u0435.", "creation_timestamp": "2020-11-06T10:46:03.000000Z"}, {"uuid": "831db812-2bb1-4ca6-8ed0-8d97fa3e566a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "https://t.me/cibsecurity/17454", "content": "\u203c CVE-2020-27932 \u203c\n\nA type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T07:34:55.000000Z"}, {"uuid": "97d7d8b6-574f-45d6-b053-651ccc3a4eca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "https://t.me/cibsecurity/17312", "content": "\u203c CVE-2020-27932 \u203c\n\nA type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T00:36:39.000000Z"}, {"uuid": "a9ce684d-8ae1-4bbf-bfb6-7961d77474fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2815", "content": "#Analytics\nTop 10 Most Used Vulnerabilities of the Month (feb 1-28)\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-21972 - VMware vCenter RCE\nhttps://swarm.ptsecurity.com/unauth-rce-vmware/#more-2477\nhttps://github.com/QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC\nhttps://github.com/NS-Sp4ce/CVE-2021-21972\nhttps://github.com/yaunsky/CVE-2021-21972\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-25646 - Apache Druid &lt;=0.20.1 RCE\nhttps://t.me/cybersecuritytechnologies/2639\nCVE-2020-27932 - A type confusion in MacOS 10.15.7\nhttps://t.me/cybersecuritytechnologies/2383\nCVE-2021-24074, CVE-2021-24094, CVE-2021-24086 - Windows IPv4/IPv6 Stack RCE/DoS Vulnerabilities\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday", "creation_timestamp": "2021-03-03T05:37:03.000000Z"}, {"uuid": "fd096df4-f32b-423b-99e6-495224961e3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "https://t.me/arvin_club/2957", "content": "WARNING: Update your iOS devices now!\n\nApple releases emergency iOS update to patch 3 actively exploited 0-day vulnerabilities.\n\nRead details: https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html\n\n\u2705 CVE-2020-27930\n\u2705 CVE-2020-27932\n\u2705 CVE-2020-27950", "creation_timestamp": "2020-11-06T15:57:15.000000Z"}, {"uuid": "093e654b-0bd9-400f-8fc1-e61786a1e9ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2943", "content": "In-the-Wild Series: October 2020 0-day discovery for Android, Windows, iOS devices\nhttps://googleprojectzero.blogspot.com/2021/03/in-wild-series-october-2020-0-day.html\nPoCs:\nCVE-2020-15999\u00a0- Chrome Freetype heap buffer overflow\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2103\nCVE-2020-17087\u00a0- Windows heap buffer overflow in cng.sys\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2104\nCVE-2020-16009\u00a0- Chrome type confusion in V8\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2106\nCVE-2020-16010/16011\u00a0- Chrome heap buffer overflow\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2112\nCVE-2020-27930\u00a0- Safari arbitrary stack read/write\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2105\nCVE-2020-27950\u00a0- iOS XNU kernel memory disclosure\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2108\nCVE-2020-27932\u00a0- iOS kernel type confusion\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2107", "creation_timestamp": "2022-06-03T18:52:35.000000Z"}, {"uuid": "f6d28ee6-dd15-46e2-8d46-ff29f333acec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2377", "content": "#Threat_Research\n1. Google Cloud Platform (GCP) Service Account-based Privilege Escalation paths\nhttps://www.praetorian.com/blog/google-cloud-platform-gcp-service-account-based-privilege-escalation-paths\n2. Examining CVE-2020-27932 on macOS 10.15.7\nhttps://worthdoingbadly.com/specialreply\n]-&gt; PoC: https://gist.github.com/zhuowei/861fd8878397d9696303259f40cb01b3", "creation_timestamp": "2024-10-09T20:07:27.000000Z"}, {"uuid": "6cf81c67-ec56-4e64-9604-c25a753d11df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27932", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2661", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 1-7)\nCVE-2020-1350 - Exploit SIGRed/Windows DNS Server RCE\nhttps://t.me/cybersecuritytechnologies/1422\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2020-7961 - Arbitrary code execution via JSONWS\nhttps://t.me/cybersecuritytechnologies/869\nCVE-2021-25646 - Apache Druid &lt;=0.20.1 RCE\nhttps://t.me/cybersecuritytechnologies/2639\nCVE-2020-27932 - A type confusion in MacOS 10.15.7\nhttps://t.me/cybersecuritytechnologies/2383\nCVE-2019-9041 - ZzzCMS RCE\nhttps://mobile.twitter.com/i/web/status/1357931580098899970\nCVE-2021-22122 - XSS vulnerability in FortiWeb\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-22122\nCVE-2019-5127 - A cmd injection in YouPHPTube Encoder\nhttps://mobile.twitter.com/i/web/status/1357546718821142528\nCVE-2020-17523 - Apache Shiro pathMatches Auth. Bypass\nhttps://t.me/cybersecuritytechnologies/2650", "creation_timestamp": "2024-05-22T06:15:17.000000Z"}]}