The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges.
Base Score: 4.6
Impact Score: 6.4
Exploitability Score: 3.9
Base Score: 7.8
Impact Score: 5.9
Exploitability Score: 1.8
|146215||Apple TV < 14.2 Multiple Vulnerabilities||Nessus||Misc.|
|144453||macOS 10.14.x < 10.14.6 Security Update 2020-007 / 10.15.x < 10.15.7 Security Update 2020-001 / macOS 11.x < 11.1 (HT212011)||Nessus||MacOS X Local Security Checks|
|143115||macOS 11.0.x < 11.0.1||Nessus||MacOS X Local Security Checks|
|142881||Apple iOS < 14.2 Multiple Vulnerabilities||Nessus||Mobile Devices|