{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T10:35:00.825","vulnerabilities":[{"cve":{"id":"CVE-2020-13524","sourceIdentifier":"talos-cna@cisco.com","published":"2020-12-03T18:15:10.690","lastModified":"2024-11-21T05:01:25.503","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file."},{"lang":"es","value":"Se presenta una vulnerabilidad de corrupción de memoria fuera de límites en la forma en que Pixar OpenUSD versión 20.05, usa datos SPECS de archivos binarios USD. Un archivo malformado especialmente diseñado puede desencadenar un acceso a la memoria fuera de límites y una modificación que resulta en una corrupción de memoria. Para activar esta vulnerabilidad, la víctima necesita acceder a un archivo malformado proporcionado por el atacante"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pixar:openusd:20.05:*:*:*:*:*:*:*","matchCriteriaId":"2989B344-FD33-4F80-9204-4A85CC59CF90"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","versionStartIncluding":"10.14.0","versionEndExcluding":"10.14.6","matchCriteriaId":"3E76BECE-0843-4B9F-90DE-7690764701B0"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","versionStartIncluding":"10.15","versionEndExcluding":"10.15.7","matchCriteriaId":"DB8A73F8-3074-4B32-B9F6-343B6B1988C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*","matchCriteriaId":"CFE26ECC-A2C2-4501-9950-510DE0E1BD86"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*","matchCriteriaId":"26108BEF-0847-4AB0-BD98-35344DFA7835"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*","matchCriteriaId":"A369D48B-6A0A-47AE-9513-D5E2E6F30931"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*","matchCriteriaId":"510F8317-94DA-498E-927A-83D5F41AF54A"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*","matchCriteriaId":"0D5D1970-6D2A-42CA-A203-42023D71730D"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*","matchCriteriaId":"C68AE52B-5139-40A4-AE9A-E752DBF07D1B"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*","matchCriteriaId":"0FD3467D-7679-479F-9C0B-A93F7CD0929D"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*","matchCriteriaId":"D4C6098E-EDBD-4A85-8282-B2E9D9333872"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*","matchCriteriaId":"518BB47B-DD76-4E8C-9F10-7EBC1E146191"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*","matchCriteriaId":"63940A55-D851-46EB-9668-D82BEFC1FE95"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*","matchCriteriaId":"68C7A97A-3801-44FA-96CA-10298FA39883"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*","matchCriteriaId":"6D69914D-46C7-4A0E-A075-C863C1692D33"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*","matchCriteriaId":"2C88BD98-46F5-447F-963A-FB9B167E31BE"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*","matchCriteriaId":"C7A0615B-D958-4BBF-B53F-AA839A0FE845"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*","matchCriteriaId":"F1F4BF7F-90D4-4668-B4E6-B06F4070F448"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.1","matchCriteriaId":"65DA669D-2EF4-43FE-91C5-982BB4377178"}]}]}],"references":[{"url":"http://seclists.org/fulldisclosure/2020/Dec/26","source":"talos-cna@cisco.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/32","source":"talos-cna@cisco.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://support.apple.com/kb/HT212011","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1125","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/26","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/32","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://support.apple.com/kb/HT212011","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1125","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}