Apple TV < 14.2 Multiple Vulnerabilities

high Nessus Plugin ID 146215

Synopsis

The remote Apple TV device is affected by multiple vulnerabilities

Description

According to its banner, the version of Apple TV on the remote device is prior to 14.2. It is, therefore, affected by multiple vulnerabilities as described in the HT211930 advisory:

- A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to execute arbitrary code with system privileges.
(CVE-2020-27905)

- An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution. (CVE-2020-27910)

- An integer overflow was addressed through improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-27911)

Solution

Upgrade to Apple TV version 14.2 or later.

See Also

https://support.apple.com/en-us/HT211930

Plugin Details

Severity: High

ID: 146215

File Name: appletv_14_2.nasl

Version: 1.3

Type: remote

Family: Misc.

Published: 2/5/2021

Updated: 2/8/2021

Risk Information

CVSS Score Source: CVE-2020-27905

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apple:apple_tv

Required KB Items: AppleTV/Version, AppleTV/Model, AppleTV/URL, AppleTV/Port

Exploit Ease: No known exploits are available

Patch Publication Date: 11/5/2020

Vulnerability Publication Date: 11/5/2020

Reference Information

CVE: CVE-2020-9974, CVE-2020-10002, CVE-2020-10003, CVE-2020-10010, CVE-2020-10011, CVE-2020-10016, CVE-2020-10017, CVE-2020-27899, CVE-2020-27905, CVE-2020-27909, CVE-2020-27910, CVE-2020-27911, CVE-2020-27912, CVE-2020-27916, CVE-2020-27917, CVE-2020-27918, CVE-2020-27927, CVE-2020-27935

APPLE-SA: HT211930, APPLE-SA-2020-11-05-7