CVE-2020-29622
Description
A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A race condition in macOS Catalina's NFS mounting allows arbitrary code execution with system privileges when a maliciously crafted NFS share is mounted.
Vulnerability
A race condition exists in the NFS mounting functionality of macOS Catalina. When mounting a maliciously crafted NFS network share, the race condition can lead to arbitrary code execution with system privileges. The issue is addressed in Security Update 2021-005 Catalina.
Exploitation
An attacker must be in a position to present a maliciously crafted NFS share to the target system, typically via network access or by tricking the user into mounting a share from an untrusted source. The race condition must be triggered during the mount process.
Impact
Successful exploitation allows the attacker to execute arbitrary code with system privileges, leading to full compromise of the affected system.
Mitigation
Apply Security Update 2021-005 Catalina, released September 13, 2021 [1]. No workarounds are available; users should update to the patched version.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <= 10.15.7 (Security Update 2021-005)
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- support.apple.com/en-us/HT212805mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.