CVE-2020-27930

🗓️ 08 Dec 2020 20:17:32Reported by appleType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 1061 Views

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. Processing a maliciously crafted font may lead to arbitrary code execution

Reporter	Title	Published	Views	Family All 42
ATTACKERKB	CVE-2020-27930	8 Dec 202000:00	–	attackerkb
Apple	About the security content of watchOS 6.2.9	5 Nov 202000:00	–	apple
Apple	About the security content of watchOS 7.1	5 Nov 202000:00	–	apple
Apple	About the security content of Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave	12 Nov 202000:00	–	apple
Apple	About the security content of macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update	5 Nov 202000:00	–	apple
Apple	About the security content of watchOS 5.3.9	5 Nov 202000:00	–	apple
Apple	About the security content of macOS Big Sur 11.0.1	12 Nov 202000:00	–	apple
Apple	About the security content of iOS 12.4.9	5 Nov 202000:00	–	apple
Apple	About the security content of iOS 14.2 and iPadOS 14.2	5 Nov 202000:00	–	apple
Apple	About the security content of watchOS 7.1 - Apple Support	15 Dec 202006:04	–	apple

NVD

Vulners

Node

apple ipadosRange<14.2

apple iphone_osRange<12.4.9

apple iphone_osRange14.0–14.2

apple mac_os_xRange<10.15.7

apple macosRange11.0–11.0.1

apple watchosRange<5.3.9

apple watchosRange6.0–6.2.9

apple watchosRange7.0–7.1

[
  {
    "product": "watchOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "7.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "iOS and iPadOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "14.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "11.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "12.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "6.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "5.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "2020",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "10.15",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
support	www.support.apple.com/en-us/HT211931
support	www.support.apple.com/en-us/HT211928
seclists	www.seclists.org/fulldisclosure/2020/Dec/32
support	www.support.apple.com/en-us/HT211944
support	www.support.apple.com/en-us/HT211940
support	www.support.apple.com/en-us/HT211945
packetstormsecurity	www.packetstormsecurity.com/files/161294/Apple-Safari-Remote-Code-Execution.html
support	www.support.apple.com/en-us/HT211947
support	www.support.apple.com/en-us/HT211929
support	www.support.apple.com/en-us/HT211946

27 Oct 2025 17:38Current

7.6High risk

Vulners AI Score7.6

CVSS 26.8

CVSS 3.17.8

EPSS0.43948

SSVC