Vulnerabilities > CVE-2020-13520 - Out-of-bounds Write vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

pixar

apple

CWE-787

NVD

Published: 2020-12-11

Updated: 2022-06-07

Summary

An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory modification which can result in remote code execution. To trigger this vulnerability, victim needs to access an attacker-provided malformed file.

Vulnerable Configurations

Part	Description	Count
Application	Pixar Pixar Openusd 20.05	1
OS	Apple Apple Macos - Apple Macos 1.0 Apple Macos 7.5.3 Apple Macos 7.6 Apple Macos 7.6.1 Apple Macos 8.0 Apple Macos 8.1 Apple Macos 8.5 Apple Macos 8.6 Apple Macos 9 Apple Macos 9.0 Apple Macos 10.15.7 Apple Macos 11.0 Apple Macos 11.0.1	27

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References