Apple Critical Security Updates December 2020

Dec 14, 2020 | By Rinu K | 3 min read

Apple released security updates for multiple products. Exploiting some of these security flaws will allow an attacker to crash the application or potentially control affected systems. However, a patch management solution can stop the exploitation.

The Apple security updates for macOS include fixes for 59 vulnerabilities, which came to light using a vulnerability scanning tool. These flaws could allow an attacker to execute arbitrary code with kernel or system privileges, gain elevated privileges, bypass privacy preferences, read restricted memory, cause unexpected application termination or heap corruption, disclose process memory, or read arbitrary files, among other impacts.

An improper input validation issue existed in the parsing of URLs in macOS Server. An attacker could use the flaw to conduct open redirect or cross-site scripting attacks. This vulnerability, which affects macOS Big Sur, was addressed with improved input validation.

A use-after-free vulnerability has been fixed in Apple Safari. Processing maliciously crafted web content may lead to arbitrary code execution. The issue was fixed by improving memory management.

Apple Security Updates Summary for December 2020

macOS

  • Affected OS: macOS Big Sur, Catalina, and Mojave
  • Affected features: AMD, App Store, AppleGraphicsControl, AppleMobileFileIntegrity, Audio, Bluetooth, CoreAudio, FontParser, Graphics Drivers, HomeKit, Image Processing, ImageIO, Intel Graphics Driver, libxml2, Kernel, libxpc, Logging, Model I/O, NSRemoteView, Power Management, Quick Look, Ruby, System Preferences, WebRTC, Wi-Fi
  • Impact: Information Disclosure, Privilege Escalation, Arbitrary code execution, Security Bypass, Memory Corruption, Cross-site scripting, File System Modification
  • CVEs: CVE-2020-27914, CVE-2020-27915, CVE-2020-27903, CVE-2020-27941, CVE-2020-29621, CVE-2020-27910, CVE-2020-9943, CVE-2020-9944, CVE-2020-27916, CVE-2020-27906, CVE-2020-27948, CVE-2020-9960, CVE-2020-27908, CVE-2020-10017, CVE-2020-27922, CVE-2020-27946, CVE-2020-9962, CVE-2020-27952, CVE-2020-9956, CVE-2020-27931, CVE-2020-27943, CVE-2020-27944, CVE-2020-10002, CVE-2020-27947, CVE-2020-29612, CVE-2020-9978, CVE-2020-27919, CVE-2020-29616, CVE-2020-27924, CVE-2020-29618, CVE-2020-29611, CVE-2020-29617, CVE-2020-29619, CVE-2020-27912, CVE-2020-27923, CVE-2020-10015, CVE-2020-27897, CVE-2020-27907, CVE-2020-9974, CVE-2020-10016, CVE-2020-9967, CVE-2020-9975, CVE-2020-27921, CVE-2020-27949, CVE-2020-29620, CVE-2020-27911, CVE-2020-27920, CVE-2020-27926, CVE-2020-10014, CVE-2020-10010, CVE-2020-13524, CVE-2020-10004, CVE-2020-27901, CVE-2020-10007, CVE-2020-10012, CVE-2020-27896, CVE-2020-10009, CVE-2020-15969 and CVE-2020-27898

iOS and iPadOS

  • Affected OS: iOS and iPadOS
  • Affected features: App Store, CoreAudio, FontParser, ImageIO, Security
  • Impact: Arbitrary Code Execution, Authentication Bypass, Information Disclosure, Memory Corruption
  • CVEs: CVE-2020-29613, CVE-2020-27948, CVE-2020-27946, CVE-2020-27943, CVE-2020-27944, CVE-2020-29617, CVE-2020-29619, CVE-2020-29618, CVE-2020-29611, CVE-2020-27951 and CVE-2020-15969

macOS Server

  • Affected OS: macOS Big Sur
  • Affected features: Profile Manager
  • Impact: Open redirection, Cross-site scripting
  • CVEs: CVE-2020-9995

Safari

  • Affected OS: macOS Catalina and Mojave
  • Affected features: WebRTC
  • Impact: Arbitrary code execution
  • CVEs: CVE-2020-15969

tvOS

  • Product: Apple TV 4K and Apple TV HD
  • Affected features: CoreAudio, FontParser, ImageIO, WebRTC
  • Impact: Arbitrary Code Execution, Information Disclosure, Memory Corruption
  • CVEs: CVE-2020-27948, CVE-2020-27946, CVE-2020-27943, CVE-2020-27944, CVE-2020-29617, CVE-2020-29619, CVE-2020-29618, CVE-2020-29611 and CVE-2020-15969

watchOS

  • Product: Apple Watch
  • Affected features: Security, CoreAudio, FontParser, ImageIO, WebRTC
  • Impact: Code Execution, Information Disclosure, Memory Corruption
  • CVEs: CVE-2020-27951, CVE-2020-27948, CVE-2020-27946, CVE-2020-27943, CVE-2020-27944, CVE-2020-29617, CVE-2020-29619, CVE-2020-29618, CVE-2020-29611 and CVE-2020-15969

SecPod SanerNow detects these vulnerabilities and automatically fixes them by applying security updates. Download SanerNow and keep your systems updated and secure.
