Vulnerabilities > CVE-2020-29621 - Missing Authorization vulnerability in Apple mac OS X and Macos

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

apple

CWE-862

NVD

Published: 2021-04-02

Updated: 2021-04-07

Summary

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to bypass Privacy preferences.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple MAC OS X 10.15 Apple MAC OS X 10.15.1 Apple MAC OS X 10.15.4 Apple MAC OS X 10.15.5 Apple MAC OS X 10.15.6 Apple MAC OS X 10.14 Apple MAC OS X 10.14.0 Apple MAC OS X 10.14.1 Apple MAC OS X 10.14.2 Apple MAC OS X 10.14.3 Apple MAC OS X 10.14.4 Apple MAC OS X 10.14.5 Apple MAC OS X 10.14.6 Apple MAC OS X 10.15.7 Apple Macos 11.0 Apple Macos 11.0.1 Apple Macos 11.1	32

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://support.apple.com/en-us/HT212011