A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10009
Reference (s):
- https://support.apple.com/kb/HT212011
- FULLDISC:20201215 APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave
- URL: http://seclists.org/fulldisclosure/2020/Dec/26
- FULLDISC:20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1
- URL: http://seclists.org/fulldisclosure/2020/Dec/32