CVE-2020-27942

Vulnerability

A logic issue in the font file parsing component of macOS allows an attacker to trigger arbitrary code execution. The vulnerability is reachable by processing a maliciously crafted font file. The issue affects macOS Catalina and Mojave and is addressed in Security Update 2021-002 Catalina and Security Update 2021-003 Mojave [1][2].

Exploitation

An attacker can exploit this vulnerability by delivering a specially crafted font file to a target system, for example via a web page, email attachment, or other means that cause the font to be loaded. No additional privileges or authentication beyond the ability to trigger font parsing are required. The attacker does not need local access; the exploit can be triggered remotely if the victim processes the malicious font (e.g., visiting a website that loads the crafted font).

Impact

Successful exploitation leads to arbitrary code execution with the privileges of the affected process (e.g., a browser or system service). This can result in full compromise of the user's system, including data exfiltration, installation of malware, or further lateral movement.

Mitigation

Apple released Security Update 2021-002 for macOS Catalina and Security Update 2021-003 for macOS Mojave on April 26, 2021, which fix this vulnerability [1][2]. Users should install the appropriate security update immediately. No workaround is available; the vulnerability is only mitigated by installing the patch.