CVE-2020-13524

EPSS 0.41% · P61 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-13524

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

内存缓冲区边界内操作的限制不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

Apple IO Model 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Apple IO Model是美国苹果（Apple）公司的一个用于处理IO操作的模块。 Apple IO Model 存在缓冲区错误漏洞，该漏洞可造成如果处理恶意制作的USD文件可能会导致应用程序意外终止或任意代码执行。一下设备及版本会受到影响：Apple iPhone 6s 及更高版本, iPod touch 7th generation, iPad Air 2及更高版本, iPad mini 4 及更高版本。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Pixar	Pixar OpenUSD 20.05 , Apple macOS Catalina 10.15.3	-

II. Public POCs for CVE-2020-13524

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-13524

请登录查看更多情报信息。

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1125x_refsource_MISC
https://support.apple.com/kb/HT212011x_refsource_CONFIRM
http://seclists.org/fulldisclosure/2020/Dec/32mailing-listx_refsource_FULLDISC
http://seclists.org/fulldisclosure/2020/Dec/26mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2020-13524

Same Patch Batch · n/a · 2020-12-03 · 40 CVEs total

CVE-2020-6111		Allen Bradley Micrologix 1100 输入验证错误漏洞
CVE-2020-13531		Pixar OpenUSD 资源管理错误漏洞
CVE-2020-14381		linux kernel 资源管理错误漏洞
CVE-2020-28923		Play Framework 安全漏洞
CVE-2020-25649		Fasterxml Jackson 代码问题漏洞
CVE-2020-28939		OpenClinic 代码问题漏洞
CVE-2020-28938		OpenClinic 跨站脚本漏洞
CVE-2020-28937		OpenClinic GA 授权问题漏洞
CVE-2020-6017		Valvesoftware GameNetworkingSockets 缓冲区错误漏洞
CVE-2020-6021		Check Point Endpoint Security Client 代码问题漏洞
CVE-2020-13542		LogicalDoc 安全漏洞
CVE-2020-14318		Samba 安全漏洞
CVE-2020-14339		Red Hat libvirt 安全漏洞
CVE-2020-25711		Red Hat Infinispan 访问控制错误漏洞
CVE-2020-27759		ImageMagick Studio ImageMagick 输入验证错误漏洞
CVE-2020-27760		ImageMagick Studio ImageMagick 数字错误漏洞
CVE-2020-27761		ImageMagick Studio ImageMagick 输入验证错误漏洞
CVE-2020-27762		ImageMagick Studio ImageMagick 输入验证错误漏洞
CVE-2020-27763		ImageMagick Studio ImageMagick 数字错误漏洞
CVE-2020-27764		ImageMagick Studio ImageMagick 输入验证错误漏洞

Showing top 20 of 40 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Pixar

Same vendor: n/a

Same weakness: CWE-119

V. Comments for CVE-2020-13524

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-13524

I. Basic Information for CVE-2020-13524

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-13524

III. Intelligence Information for CVE-2020-13524

Same Patch Batch · n/a · 2020-12-03 · 40 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-13524

Leave a comment