Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-30946 (GCVE-0-2021-30946)
Vulnerability from cvelistv5 – Published: 2021-08-24 18:50 – Updated: 2024-08-03 22:48
VLAI?
EPSS
Summary
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences.
Severity ?
No CVSS data available.
CWE
- A malicious application may be able to bypass certain Privacy preferences
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:48:14.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212975"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212976"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212978"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212979"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213056"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A malicious application may be able to bypass certain Privacy preferences",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-26T20:06:14.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212975"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212976"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212978"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212979"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT213056"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "8.3"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.6"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A malicious application may be able to bypass certain Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212975",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"name": "https://support.apple.com/en-us/HT212976",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"name": "https://support.apple.com/en-us/HT212978",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"name": "https://support.apple.com/en-us/HT212979",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"name": "https://support.apple.com/kb/HT213056",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213056"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30946",
"datePublished": "2021-08-24T18:50:47.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:48:14.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-30946\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2021-08-24T19:15:21.407\",\"lastModified\":\"2024-11-21T06:05:01.200\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences.\"},{\"lang\":\"es\",\"value\":\"Se abord\u00f3 un problema de l\u00f3gica con restricciones mejoradas.\u0026#xa0;Este problema es corregido en macOS Monterey versi\u00f3n 12.1, watchOS versi\u00f3n 8.3, iOS versi\u00f3n 15.2 e iPadOS versi\u00f3n 15.2, macOS Big Sur versi\u00f3n 11.6.2.\u0026#xa0;Una aplicaci\u00f3n maliciosa puede omitir determinadas preferencias de privacidad\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"CCE4E546-A0DD-4E9E-A6B9-C19B04D77466\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"7FB904C1-43D1-4583-8729-5D1B1746A54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.6.2\",\"matchCriteriaId\":\"287EBE44-07C0-41D3-B268-CC86CA5FD792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"12.1\",\"matchCriteriaId\":\"CA118623-E817-42AA-AB39-6239B1284192\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.3\",\"matchCriteriaId\":\"7A7245FB-6FBE-4C09-80F5-18504CA623B3\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/HT212975\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212976\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212978\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212979\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/kb/HT213056\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212975\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT212976\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT212978\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT212979\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/kb/HT213056\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2021-AVI-945
Vulnerability from certfr_avis - Published: 2021-12-14 - Updated: 2021-12-14
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | watchOS versions 8.x antérieures à 8.3 | ||
| Apple | N/A | iOS et iPadOS versions 15.x antérieures à 15.2 | ||
| Apple | macOS | macOS Monterey versions 12.x antérieures à 12.1 | ||
| Apple | macOS | macOS Big Sur versions 11.6.x antérieures à 11.6.2 | ||
| Apple | macOS | macOS Catalina versions antérieures à la mise à jour 2021-008 | ||
| Apple | N/A | tvOS versions 15.x antérieures à 15.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "watchOS versions 8.x ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS et iPadOS versions 15.x ant\u00e9rieures \u00e0 15.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Monterey versions 12.x ant\u00e9rieures \u00e0 12.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Big Sur versions 11.6.x ant\u00e9rieures \u00e0 11.6.2",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Catalina versions ant\u00e9rieures \u00e0 la mise \u00e0 jour 2021-008",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions 15.x ant\u00e9rieures \u00e0 15.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-30993",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30993"
},
{
"name": "CVE-2021-30983",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30983"
},
{
"name": "CVE-2021-30971",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30971"
},
{
"name": "CVE-2021-30964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30964"
},
{
"name": "CVE-2021-30957",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30957"
},
{
"name": "CVE-2021-30981",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30981"
},
{
"name": "CVE-2021-30939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30939"
},
{
"name": "CVE-2021-30948",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30948"
},
{
"name": "CVE-2021-30767",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30767"
},
{
"name": "CVE-2021-30987",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30987"
},
{
"name": "CVE-2021-30992",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30992"
},
{
"name": "CVE-2021-30969",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30969"
},
{
"name": "CVE-2021-30963",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30963"
},
{
"name": "CVE-2021-30967",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30967"
},
{
"name": "CVE-2021-30951",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30951"
},
{
"name": "CVE-2021-30986",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30986"
},
{
"name": "CVE-2021-30916",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30916"
},
{
"name": "CVE-2021-30950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30950"
},
{
"name": "CVE-2021-30976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30976"
},
{
"name": "CVE-2021-30965",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30965"
},
{
"name": "CVE-2021-30966",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30966"
},
{
"name": "CVE-2021-30982",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30982"
},
{
"name": "CVE-2021-30941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30941"
},
{
"name": "CVE-2021-30985",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30985"
},
{
"name": "CVE-2021-30958",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30958"
},
{
"name": "CVE-2021-30931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30931"
},
{
"name": "CVE-2021-30960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30960"
},
{
"name": "CVE-2021-30968",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30968"
},
{
"name": "CVE-2021-30945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30945"
},
{
"name": "CVE-2021-30934",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30934"
},
{
"name": "CVE-2021-30947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30947"
},
{
"name": "CVE-2021-30932",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30932"
},
{
"name": "CVE-2021-30979",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30979"
},
{
"name": "CVE-2021-30980",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30980"
},
{
"name": "CVE-2021-30973",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30973"
},
{
"name": "CVE-2021-30970",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30970"
},
{
"name": "CVE-2021-30996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30996"
},
{
"name": "CVE-2021-30940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30940"
},
{
"name": "CVE-2021-30954",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30954"
},
{
"name": "CVE-2021-30977",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30977"
},
{
"name": "CVE-2021-30942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30942"
},
{
"name": "CVE-2021-30990",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30990"
},
{
"name": "CVE-2021-30929",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30929"
},
{
"name": "CVE-2021-30937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30937"
},
{
"name": "CVE-2021-30936",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30936"
},
{
"name": "CVE-2021-30975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30975"
},
{
"name": "CVE-2021-30953",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30953"
},
{
"name": "CVE-2021-30952",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30952"
},
{
"name": "CVE-2021-30949",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30949"
},
{
"name": "CVE-2021-30926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30926"
},
{
"name": "CVE-2021-30946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30946"
},
{
"name": "CVE-2021-30991",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30991"
},
{
"name": "CVE-2021-30935",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30935"
},
{
"name": "CVE-2021-30938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30938"
},
{
"name": "CVE-2021-30955",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30955"
},
{
"name": "CVE-2021-30927",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30927"
},
{
"name": "CVE-2021-30988",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30988"
},
{
"name": "CVE-2021-30959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30959"
},
{
"name": "CVE-2021-30984",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30984"
},
{
"name": "CVE-2021-30995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30995"
},
{
"name": "CVE-2021-30961",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30961"
}
],
"initial_release_date": "2021-12-14T00:00:00",
"last_revision_date": "2021-12-14T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-945",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-12-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service et un contournement de\nla politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212979 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212981 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212981"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212976 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212975 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212978 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212980 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212980"
}
]
}
CERTFR-2022-AVI-088
Vulnerability from certfr_avis - Published: 2022-01-27 - Updated: 2022-01-27
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | iOS et iPadOS versions 15.x antérieures à 15.3 | ||
| Apple | macOS | macOS Big Sur versions 11.6.x antérieures à 11.6.3 | ||
| Apple | macOS | macOS Monterey versions 12.x antérieures à 12.2 | ||
| Apple | macOS | macOS Catalina versions antérieures à la mise à jour 2022-001 | ||
| Apple | N/A | watchOS versions 8.x antérieures à 8.4 | ||
| Apple | N/A | tvOS versions 15.x antérieures à 15.3 | ||
| Apple | Safari | Safari versions 15.x antérieures à 15.3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS et iPadOS versions 15.x ant\u00e9rieures \u00e0 15.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Big Sur versions 11.6.x ant\u00e9rieures \u00e0 11.6.3",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Monterey versions 12.x ant\u00e9rieures \u00e0 12.2",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Catalina versions ant\u00e9rieures \u00e0 la mise \u00e0 jour 2022-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions 8.x ant\u00e9rieures \u00e0 8.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions 15.x ant\u00e9rieures \u00e0 15.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions 15.x ant\u00e9rieures \u00e0 15.3",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22594"
},
{
"name": "CVE-2022-22587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22587"
},
{
"name": "CVE-2022-22590",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22590"
},
{
"name": "CVE-2022-22589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22589"
},
{
"name": "CVE-2022-22585",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22585"
},
{
"name": "CVE-2022-22591",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22591"
},
{
"name": "CVE-2022-22592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22592"
},
{
"name": "CVE-2022-22584",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22584"
},
{
"name": "CVE-2022-22583",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22583"
},
{
"name": "CVE-2022-22579",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22579"
},
{
"name": "CVE-2021-30960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30960"
},
{
"name": "CVE-2022-22586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22586"
},
{
"name": "CVE-2021-30972",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30972"
},
{
"name": "CVE-2022-22593",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22593"
},
{
"name": "CVE-2022-22578",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22578"
},
{
"name": "CVE-2021-30946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30946"
}
],
"initial_release_date": "2022-01-27T00:00:00",
"last_revision_date": "2022-01-27T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-088",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-01-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service et un contournement de\nla politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213059 du 26 janvier 2022",
"url": "https://support.apple.com/en-us/HT213059"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213056 du 26 janvier 2022",
"url": "https://support.apple.com/en-us/HT213056"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213057 du 26 janvier 2022",
"url": "https://support.apple.com/en-us/HT213057"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213058 du 26 janvier 2022",
"url": "https://support.apple.com/en-us/HT213058"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213054 du 26 janvier 2022",
"url": "https://support.apple.com/en-us/HT213054"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213053 du 26 janvier 2022",
"url": "https://support.apple.com/en-us/HT213053"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213055 du 26 janvier 2022",
"url": "https://support.apple.com/en-us/HT213055"
}
]
}
GSD-2021-30946
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-30946",
"description": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences.",
"id": "GSD-2021-30946"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-30946"
],
"details": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences.",
"id": "GSD-2021-30946",
"modified": "2023-12-13T01:23:30.775278Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "8.3"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.6"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A malicious application may be able to bypass certain Privacy preferences"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212975",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"name": "https://support.apple.com/en-us/HT212976",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"name": "https://support.apple.com/en-us/HT212978",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"name": "https://support.apple.com/en-us/HT212979",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"name": "https://support.apple.com/kb/HT213056",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213056"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1",
"versionStartIncluding": "12.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-30946"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212975",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212975"
},
{
"name": "https://support.apple.com/en-us/HT212978",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212978"
},
{
"name": "https://support.apple.com/en-us/HT212979",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212979"
},
{
"name": "https://support.apple.com/en-us/HT212976",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212976"
},
{
"name": "https://support.apple.com/kb/HT213056",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT213056"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-02-05T02:02Z",
"publishedDate": "2021-08-24T19:15Z"
}
}
}
VAR-202108-1261
Vulnerability from variot - Updated: 2024-08-14 13:15A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none. Information about the security content is also available at https://support.apple.com/HT212979.
Archive Utility Available for: macOS Big Sur Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management. CVE-2021-30950: @gorelics
Bluetooth Available for: macOS Big Sur Impact: A malicious application may be able to disclose kernel memory Description: A logic issue was addressed with improved validation. CVE-2021-30931: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America
Bluetooth Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved validation. CVE-2021-30935: an anonymous researcher
ColorSync Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. CVE-2021-30942: Mateusz Jurczyk of Google Project Zero
CoreAudio Available for: macOS Big Sur Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30959: JunDong Xie of Ant Security Light-Year Lab CVE-2021-30961: an anonymous researcher CVE-2021-30963: JunDong Xie of Ant Security Light-Year Lab
CoreAudio Available for: macOS Big Sur Impact: Playing a malicious audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30958: JunDong Xie of Ant Security Light-Year Lab
Crash Reporter Available for: macOS Big Sur Impact: A local attacker may be able to elevate their privileges Description: This issue was addressed with improved checks. CVE-2021-30945: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)
Graphics Drivers Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2021-30977: Jack Dates of RET2 Systems, Inc.
Help Viewer Available for: macOS Big Sur Impact: Processing a maliciously crafted URL may cause unexpected JavaScript execution from a file on disk Description: A path handling issue was addressed with improved validation. CVE-2021-30969: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)
ImageIO Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30939: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin (@patch1t) of Trend Micro
Intel Graphics Driver Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2021-30981: Liu Long of Ant Security Light-Year Lab, an anonymous researcher
IOUSBHostFamily Available for: macOS Big Sur Impact: A remote attacker may be able to cause unexpected application termination or heap corruption Description: A race condition was addressed with improved locking. CVE-2021-30982: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America
Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2021-30927: Xinru Chi of Pangu Lab CVE-2021-30980: Xinru Chi of Pangu Lab
Kernel Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2021-30937: Sergei Glazunov of Google Project Zero
Kernel Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2021-30949: Ian Beer of Google Project Zero
LaunchServices Available for: macOS Big Sur Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved validation. CVE-2021-30990: Ron Masas of BreakPoint.sh
LaunchServices Available for: macOS Big Sur Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management. CVE-2021-30976: chenyuwang (@mzzzz__) and Kirin (@Pwnrin) of Tencent Security Xuanwu Lab
Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30929: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab
Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30979: Mickey Jin (@patch1t) of Trend Micro
Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted USD file may disclose memory contents Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30940: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab CVE-2021-30941: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab
Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted file may disclose user information Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30973: Ye Zhang (@co0py_Cat) of Baidu Security
Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30971: Ye Zhang (@co0py_Cat) of Baidu Security
Preferences Available for: macOS Big Sur Impact: A malicious application may be able to elevate privileges Description: A race condition was addressed with improved state handling. CVE-2021-30995: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin (@patch1t)
Sandbox Available for: macOS Big Sur Impact: A malicious application may be able to bypass certain Privacy preferences Description: A validation issue related to hard link behavior was addressed with improved sandbox restrictions. CVE-2021-30968: Csaba Fitzl (@theevilbit) of Offensive Security
Sandbox Available for: macOS Big Sur Impact: An application may be able to access a user's files Description: An access issue was addressed with additional sandbox restrictions. CVE-2021-30946: @gorelics
Script Editor Available for: macOS Big Sur Impact: A malicious OSAX scripting addition may bypass Gatekeeper checks and circumvent sandbox restrictions Description: This issue was addressed by disabling execution of JavaScript when viewing a scripting dictionary. CVE-2021-30975: Ryan Pickren (ryanpickren.com)
TCC Available for: macOS Big Sur Impact: A local user may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management. CVE-2021-30767: @gorelics
TCC Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management. CVE-2021-30970: Jonathan Bar Or of Microsoft
TCC Available for: macOS Big Sur Impact: A malicious application may be able to cause a denial of service to Endpoint Security clients Description: A logic issue was addressed with improved state management. CVE-2021-30965: Csaba Fitzl (@theevilbit) of Offensive Security
Wi-Fi Available for: macOS Big Sur Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: This issue was addressed with improved checks. CVE-2021-30938: Xinru Chi of Pangu Lab
Additional recognition
Admin Framework We would like to acknowledge Simon Andersen of Aarhus University and Pico Mitchell for their assistance.
ColorSync We would like to acknowledge Mateusz Jurczyk of Google Project Zero for their assistance.
Contacts We would like to acknowledge Minchan Park (03stin) for their assistance.
Kernel We would like to acknowledge Amit Klein of Bar-Ilan University's Center for Research in Applied Cryptography and Cyber Security for their assistance.
Model I/O We would like to acknowledge Rui Yang and Xingwei Lin of Ant Security Light-Year Lab for their assistance.
Installation note: This update may be obtained from the Mac App Store
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmG6UncACgkQeC9qKD1p rhi3ZA/+JN0mQCWghikUr8/kK9kNAz6FtHO3M5yvyXXQkArAQBmaTk5aaSpsEDi1 KrE+khCjp7N1eGTHrJ2L6q35X+2UEZZUGC/Uic7Dt/CKoQvkTyfGKCHMIhTxF6O8 JGRIz1+wKCXq8lADs29Q1rRg0TkfaIcbCiKI0YMNWgGWBVuXy5LBq/6EvZ2f8Vhe kvDB46D27C9xHgbCq+ihmVdE6iwAVfVYYOh22uP2lGkT6a1jKI6iifkPl/tuiiVy ZWRLWUJwa3HOdAzy511MSjdnj9RBsI4TYJa4QW+Urn8N4sf9wlrU+5Ng+Yfob4U7 n1G2g2V3o3CQpInl+L7CQN44oFYy9UMmuQGtWd3AqcUbTASuoYcV7P6Hz9X5Akwo buASJcsVBbsCCcFGu8OCygvM3ro44D7uG0vPy65BBTVxgiEyUtSuEE8Gti930zC0 FbBgIQk0W2rvBZiEh+stl/87XrIso18oW7k2D5gmkud6TWqK83JxS8Dmd8Rs1uGW Jc2f7enQyN3OQ2MqcU2aYPdV9+QoEq4Hn29xlct99Vq8lcSwp+rtrP7ZgF3MqVRB Dku4o5Xeh3JngTn1si+lk7X1xVX8DHPnV/k0ZUuCB6TJOLUkdye8ezoLpmkf6Nq/ Q5LC4KIwz9JVMON1ZArO58EMBJXKrA8doxHAxZBOBJxBJQqEltQ\x8afg -----END PGP SIGNATURE-----
.
Installation note:
Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About"
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-1261",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipados",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.2"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.2"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.6.2"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.1"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "11.0"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "8.3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": "8.3"
},
{
"model": "ios",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "macos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "ipados",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"db": "NVD",
"id": "CVE-2021-30946"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "165356"
},
{
"db": "PACKETSTORM",
"id": "165359"
},
{
"db": "PACKETSTORM",
"id": "165774"
}
],
"trust": 0.3
},
"cve": "CVE-2021-30946",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2021-30946",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-390679",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-30946",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-30946",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30946",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-30946",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-2047",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-390679",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390679"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2047"
},
{
"db": "NVD",
"id": "CVE-2021-30946"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none. \nInformation about the security content is also available at\nhttps://support.apple.com/HT212979. \n\nArchive Utility\nAvailable for: macOS Big Sur\nImpact: A malicious application may bypass Gatekeeper checks\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30950: @gorelics\n\nBluetooth\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to disclose kernel memory\nDescription: A logic issue was addressed with improved validation. \nCVE-2021-30931: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC\nRiverside, and Yu Wang of Didi Research America\n\nBluetooth\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2021-30935: an anonymous researcher\n\nColorSync\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue in the processing of ICC\nprofiles was addressed with improved input validation. \nCVE-2021-30942: Mateusz Jurczyk of Google Project Zero\n\nCoreAudio\nAvailable for: macOS Big Sur\nImpact: Parsing a maliciously crafted audio file may lead to\ndisclosure of user information\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2021-30959: JunDong Xie of Ant Security Light-Year Lab\nCVE-2021-30961: an anonymous researcher\nCVE-2021-30963: JunDong Xie of Ant Security Light-Year Lab\n\nCoreAudio\nAvailable for: macOS Big Sur\nImpact: Playing a malicious audio file may lead to arbitrary code\nexecution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2021-30958: JunDong Xie of Ant Security Light-Year Lab\n\nCrash Reporter\nAvailable for: macOS Big Sur\nImpact: A local attacker may be able to elevate their privileges\nDescription: This issue was addressed with improved checks. \nCVE-2021-30945: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)\nof Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nGraphics Drivers\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A buffer overflow was addressed with improved bounds\nchecking. \nCVE-2021-30977: Jack Dates of RET2 Systems, Inc. \n\nHelp Viewer\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted URL may cause unexpected\nJavaScript execution from a file on disk\nDescription: A path handling issue was addressed with improved\nvalidation. \nCVE-2021-30969: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)\nof Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nImageIO\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2021-30939: Rui Yang and Xingwei Lin of Ant Security Light-Year\nLab, Mickey Jin (@patch1t) of Trend Micro\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A buffer overflow was addressed with improved bounds\nchecking. \nCVE-2021-30981: Liu Long of Ant Security Light-Year Lab, an anonymous\nresearcher\n\nIOUSBHostFamily\nAvailable for: macOS Big Sur\nImpact: A remote attacker may be able to cause unexpected application\ntermination or heap corruption\nDescription: A race condition was addressed with improved locking. \nCVE-2021-30982: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC\nRiverside, and Yu Wang of Didi Research America\n\nKernel\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2021-30927: Xinru Chi of Pangu Lab\nCVE-2021-30980: Xinru Chi of Pangu Lab\n\nKernel\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption vulnerability was addressed with\nimproved locking. \nCVE-2021-30937: Sergei Glazunov of Google Project Zero\n\nKernel\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2021-30949: Ian Beer of Google Project Zero\n\nLaunchServices\nAvailable for: macOS Big Sur\nImpact: A malicious application may bypass Gatekeeper checks\nDescription: A logic issue was addressed with improved validation. \nCVE-2021-30990: Ron Masas of BreakPoint.sh\n\nLaunchServices\nAvailable for: macOS Big Sur\nImpact: A malicious application may bypass Gatekeeper checks\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30976: chenyuwang (@mzzzz__) and Kirin (@Pwnrin) of Tencent\nSecurity Xuanwu Lab\n\nModel I/O\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted USD file may disclose memory\ncontents\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2021-30929: Rui Yang and Xingwei Lin of Ant Security Light-Year\nLab\n\nModel I/O\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted USD file may lead to\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2021-30979: Mickey Jin (@patch1t) of Trend Micro\n\nModel I/O\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted USD file may disclose memory\ncontents\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2021-30940: Rui Yang and Xingwei Lin of Ant Security Light-Year\nLab\nCVE-2021-30941: Rui Yang and Xingwei Lin of Ant Security Light-Year\nLab\n\nModel I/O\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted file may disclose user\ninformation\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2021-30973: Ye Zhang (@co0py_Cat) of Baidu Security\n\nModel I/O\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted USD file may lead to\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2021-30971: Ye Zhang (@co0py_Cat) of Baidu Security\n\nPreferences\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to elevate privileges\nDescription: A race condition was addressed with improved state\nhandling. \nCVE-2021-30995: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin\n(@patch1t)\n\nSandbox\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to bypass certain Privacy\npreferences\nDescription: A validation issue related to hard link behavior was\naddressed with improved sandbox restrictions. \nCVE-2021-30968: Csaba Fitzl (@theevilbit) of Offensive Security\n\nSandbox\nAvailable for: macOS Big Sur\nImpact: An application may be able to access a user\u0027s files\nDescription: An access issue was addressed with additional sandbox\nrestrictions. \nCVE-2021-30946: @gorelics\n\nScript Editor\nAvailable for: macOS Big Sur\nImpact: A malicious OSAX scripting addition may bypass Gatekeeper\nchecks and circumvent sandbox restrictions\nDescription: This issue was addressed by disabling execution of\nJavaScript when viewing a scripting dictionary. \nCVE-2021-30975: Ryan Pickren (ryanpickren.com)\n\nTCC\nAvailable for: macOS Big Sur\nImpact: A local user may be able to modify protected parts of the\nfile system\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30767: @gorelics\n\nTCC\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to bypass Privacy\npreferences\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30970: Jonathan Bar Or of Microsoft\n\nTCC\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to cause a denial of\nservice to Endpoint Security clients\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30965: Csaba Fitzl (@theevilbit) of Offensive Security\n\nWi-Fi\nAvailable for: macOS Big Sur\nImpact: A local user may be able to cause unexpected system\ntermination or read kernel memory\nDescription: This issue was addressed with improved checks. \nCVE-2021-30938: Xinru Chi of Pangu Lab\n\nAdditional recognition\n\nAdmin Framework\nWe would like to acknowledge Simon Andersen of Aarhus University and\nPico Mitchell for their assistance. \n\nColorSync\nWe would like to acknowledge Mateusz Jurczyk of Google Project Zero\nfor their assistance. \n\nContacts\nWe would like to acknowledge Minchan Park (03stin) for their\nassistance. \n\nKernel\nWe would like to acknowledge Amit Klein of Bar-Ilan University\u0027s\nCenter for Research in Applied Cryptography and Cyber Security for\ntheir assistance. \n\nModel I/O\nWe would like to acknowledge Rui Yang and Xingwei Lin of Ant Security\nLight-Year Lab for their assistance. \n\nInstallation note:\nThis update may be obtained from the Mac App Store\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmG6UncACgkQeC9qKD1p\nrhi3ZA/+JN0mQCWghikUr8/kK9kNAz6FtHO3M5yvyXXQkArAQBmaTk5aaSpsEDi1\nKrE+khCjp7N1eGTHrJ2L6q35X+2UEZZUGC/Uic7Dt/CKoQvkTyfGKCHMIhTxF6O8\nJGRIz1+wKCXq8lADs29Q1rRg0TkfaIcbCiKI0YMNWgGWBVuXy5LBq/6EvZ2f8Vhe\nkvDB46D27C9xHgbCq+ihmVdE6iwAVfVYYOh22uP2lGkT6a1jKI6iifkPl/tuiiVy\nZWRLWUJwa3HOdAzy511MSjdnj9RBsI4TYJa4QW+Urn8N4sf9wlrU+5Ng+Yfob4U7\nn1G2g2V3o3CQpInl+L7CQN44oFYy9UMmuQGtWd3AqcUbTASuoYcV7P6Hz9X5Akwo\nbuASJcsVBbsCCcFGu8OCygvM3ro44D7uG0vPy65BBTVxgiEyUtSuEE8Gti930zC0\nFbBgIQk0W2rvBZiEh+stl/87XrIso18oW7k2D5gmkud6TWqK83JxS8Dmd8Rs1uGW\nJc2f7enQyN3OQ2MqcU2aYPdV9+QoEq4Hn29xlct99Vq8lcSwp+rtrP7ZgF3MqVRB\nDku4o5Xeh3JngTn1si+lk7X1xVX8DHPnV/k0ZUuCB6TJOLUkdye8ezoLpmkf6Nq/\nQ5LC4KIwz9JVMON1ZArO58EMBJXKrA8doxHAxZBOBJxBJQqEltQ\\x8afg\n-----END PGP SIGNATURE-----\n\n\n\n. \n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\"",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30946"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"db": "VULHUB",
"id": "VHN-390679"
},
{
"db": "VULMON",
"id": "CVE-2021-30946"
},
{
"db": "PACKETSTORM",
"id": "165356"
},
{
"db": "PACKETSTORM",
"id": "165359"
},
{
"db": "PACKETSTORM",
"id": "165774"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30946",
"trust": 3.7
},
{
"db": "PACKETSTORM",
"id": "165356",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "165774",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021007",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2022012632",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021121434",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0401",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.4260",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2047",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "165359",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-390679",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-30946",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390679"
},
{
"db": "VULMON",
"id": "CVE-2021-30946"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"db": "PACKETSTORM",
"id": "165356"
},
{
"db": "PACKETSTORM",
"id": "165359"
},
{
"db": "PACKETSTORM",
"id": "165774"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2047"
},
{
"db": "NVD",
"id": "CVE-2021-30946"
}
]
},
"id": "VAR-202108-1261",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-390679"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:15:58.836000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT212978 Apple\u00a0 Security update",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT212975"
},
{
"title": "Apple iOS and iPadOS Fixes for permissions and access control issues vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176526"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2047"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-668",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390679"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"db": "NVD",
"id": "CVE-2021-30946"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://support.apple.com/kb/ht213056"
},
{
"trust": 2.3,
"url": "https://support.apple.com/en-us/ht212976"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212975"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212978"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212979"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30946"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022012632"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/165774/apple-security-advisory-2022-01-26-4.html"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht213056"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.4260"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-37064"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021121434"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/165356/apple-security-advisory-2021-12-15-3.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-37394"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0401"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30958"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30927"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30945"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30939"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30937"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30949"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30767"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30947"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30942"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30938"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30935"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30950"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30941"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht212979."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30973"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30931"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30959"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30971"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30970"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30929"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30966"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30936"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30957"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30953"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30952"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30955"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30951"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30954"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30934"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30980"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht212975."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30964"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht213056."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22593"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30972"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22583"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390679"
},
{
"db": "VULMON",
"id": "CVE-2021-30946"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"db": "PACKETSTORM",
"id": "165356"
},
{
"db": "PACKETSTORM",
"id": "165359"
},
{
"db": "PACKETSTORM",
"id": "165774"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2047"
},
{
"db": "NVD",
"id": "CVE-2021-30946"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-390679"
},
{
"db": "VULMON",
"id": "CVE-2021-30946"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"db": "PACKETSTORM",
"id": "165356"
},
{
"db": "PACKETSTORM",
"id": "165359"
},
{
"db": "PACKETSTORM",
"id": "165774"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2047"
},
{
"db": "NVD",
"id": "CVE-2021-30946"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-390679"
},
{
"date": "2021-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30946"
},
{
"date": "2024-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"date": "2021-12-17T19:19:33",
"db": "PACKETSTORM",
"id": "165356"
},
{
"date": "2021-12-17T19:20:06",
"db": "PACKETSTORM",
"id": "165359"
},
{
"date": "2022-01-31T15:46:38",
"db": "PACKETSTORM",
"id": "165774"
},
{
"date": "2021-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-2047"
},
{
"date": "2021-08-24T19:15:21.407000",
"db": "NVD",
"id": "CVE-2021-30946"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-05T00:00:00",
"db": "VULHUB",
"id": "VHN-390679"
},
{
"date": "2021-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30946"
},
{
"date": "2024-07-17T02:30:00",
"db": "JVNDB",
"id": "JVNDB-2021-021007"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-2047"
},
{
"date": "2023-11-07T03:33:59.623000",
"db": "NVD",
"id": "CVE-2021-30946"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-2047"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerabilities in multiple Apple products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021007"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-2047"
}
],
"trust": 0.6
}
}
FKIE_CVE-2021-30946
Vulnerability from fkie_nvd - Published: 2021-08-24 19:15 - Updated: 2024-11-21 06:05
Severity ?
Summary
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE4E546-A0DD-4E9E-A6B9-C19B04D77466",
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FB904C1-43D1-4583-8729-5D1B1746A54C",
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "287EBE44-07C0-41D3-B268-CC86CA5FD792",
"versionEndExcluding": "11.6.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA118623-E817-42AA-AB39-6239B1284192",
"versionEndExcluding": "12.1",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7245FB-6FBE-4C09-80F5-18504CA623B3",
"versionEndExcluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences."
},
{
"lang": "es",
"value": "Se abord\u00f3 un problema de l\u00f3gica con restricciones mejoradas.\u0026#xa0;Este problema es corregido en macOS Monterey versi\u00f3n 12.1, watchOS versi\u00f3n 8.3, iOS versi\u00f3n 15.2 e iPadOS versi\u00f3n 15.2, macOS Big Sur versi\u00f3n 11.6.2.\u0026#xa0;Una aplicaci\u00f3n maliciosa puede omitir determinadas preferencias de privacidad"
}
],
"id": "CVE-2021-30946",
"lastModified": "2024-11-21T06:05:01.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-24T19:15:21.407",
"references": [
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/kb/HT213056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT213056"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
WID-SEC-W-2022-0489
Vulnerability from csaf_certbund - Published: 2021-12-13 23:00 - Updated: 2026-03-05 23:00Summary
Apple iOS: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das Apple iOS (vormals iPhone OS) ist das Betriebssystem für das von Apple entwickelte Smartphone iPhone, iPad und iPod Touch.
Das Apple iPadOS ist das Betriebssystem für das von Apple entwickelte iPad.
Das Apple iPhone ist ein Mobiltelefon mit dem Betriebssystem iOS.
Das Apple iPad ist ein Tablet mit dem Betriebssystem iPadOS.
Angriff: Ein entfernter, anonymer, physischer oder lokaler Angreifer kann mehrere Schwachstellen in Apple iOS, Apple iPadOS, Apple iPhone und Apple iPad ausnutzen, um beliebigen Programmcode auszuführen, beliebigen Programmcode mit Kernel-Privilegien auszuführen, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen, Sicherheitsmaßnahmen zu umgehen und Dateien zu manipulieren.
Betroffene Betriebssysteme: - iPhoneOS
- Sonstiges
References
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Apple iOS (vormals iPhone OS) ist das Betriebssystem f\u00fcr das von Apple entwickelte Smartphone iPhone, iPad und iPod Touch.\r\nDas Apple iPadOS ist das Betriebssystem f\u00fcr das von Apple entwickelte iPad.\r\nDas Apple iPhone ist ein Mobiltelefon mit dem Betriebssystem iOS.\r\nDas Apple iPad ist ein Tablet mit dem Betriebssystem iPadOS.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, physischer oder lokaler Angreifer kann mehrere Schwachstellen in Apple iOS, Apple iPadOS, Apple iPhone und Apple iPad ausnutzen, um beliebigen Programmcode auszuf\u00fchren, beliebigen Programmcode mit Kernel-Privilegien auszuf\u00fchren, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen, Sicherheitsma\u00dfnahmen zu umgehen und Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- iPhoneOS\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0489 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0489.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0489 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0489"
},
{
"category": "external",
"summary": "Apple Security Advisroy vom 2021-12-13",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"category": "external",
"summary": "CISA Known Exploited Vulnerabilities Catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "external",
"summary": "CISA KEV CVE-2021-30952 von 2026-03-05",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"source_lang": "en-US",
"title": "Apple iOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-05T23:00:00.000+00:00",
"generator": {
"date": "2026-03-06T12:27:23.043+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2022-0489",
"initial_release_date": "2021-12-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2021-12-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-06-27T22:00:00.000+00:00",
"number": "2",
"summary": "Exploit aufgenommen"
},
{
"date": "2022-06-28T22:00:00.000+00:00",
"number": "3",
"summary": "Schreibfehler korrigiert"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "4",
"summary": "Exploit aufgenommen CVE-2021-30952"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.2",
"product": {
"name": "Apple iOS \u003c15.2",
"product_id": "T021275"
}
},
{
"category": "product_version",
"name": "15.2",
"product": {
"name": "Apple iOS 15.2",
"product_id": "T021275-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:iphone_os:15.2"
}
}
}
],
"category": "product_name",
"name": "iOS"
},
{
"category": "product_name",
"name": "Apple iPad",
"product": {
"name": "Apple iPad",
"product_id": "130413",
"product_identification_helper": {
"cpe": "cpe:/h:apple:ipad:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.2",
"product": {
"name": "Apple iPadOS \u003c15.2",
"product_id": "T021276"
}
},
{
"category": "product_version",
"name": "15.2",
"product": {
"name": "Apple iPadOS 15.2",
"product_id": "T021276-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:ipados:15.2"
}
}
}
],
"category": "product_name",
"name": "iPadOS"
},
{
"category": "product_name",
"name": "Apple iPhone",
"product": {
"name": "Apple iPhone",
"product_id": "693",
"product_identification_helper": {
"cpe": "cpe:/h:apple:iphone:-"
}
}
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-30767",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30767"
},
{
"cve": "CVE-2021-30926",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30926"
},
{
"cve": "CVE-2021-30927",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30927"
},
{
"cve": "CVE-2021-30929",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30929"
},
{
"cve": "CVE-2021-30932",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30932"
},
{
"cve": "CVE-2021-30934",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30934"
},
{
"cve": "CVE-2021-30936",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30936"
},
{
"cve": "CVE-2021-30937",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30937"
},
{
"cve": "CVE-2021-30939",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30939"
},
{
"cve": "CVE-2021-30940",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30940"
},
{
"cve": "CVE-2021-30941",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30941"
},
{
"cve": "CVE-2021-30942",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30942"
},
{
"cve": "CVE-2021-30945",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30945"
},
{
"cve": "CVE-2021-30946",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30946"
},
{
"cve": "CVE-2021-30947",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30947"
},
{
"cve": "CVE-2021-30948",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30948"
},
{
"cve": "CVE-2021-30949",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30949"
},
{
"cve": "CVE-2021-30951",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30951"
},
{
"cve": "CVE-2021-30952",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30952"
},
{
"cve": "CVE-2021-30953",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30953"
},
{
"cve": "CVE-2021-30954",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30954"
},
{
"cve": "CVE-2021-30955",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30955"
},
{
"cve": "CVE-2021-30957",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30957"
},
{
"cve": "CVE-2021-30958",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30958"
},
{
"cve": "CVE-2021-30960",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30960"
},
{
"cve": "CVE-2021-30964",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30964"
},
{
"cve": "CVE-2021-30966",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30966"
},
{
"cve": "CVE-2021-30967",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30967"
},
{
"cve": "CVE-2021-30968",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30968"
},
{
"cve": "CVE-2021-30971",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30971"
},
{
"cve": "CVE-2021-30973",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30973"
},
{
"cve": "CVE-2021-30979",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30979"
},
{
"cve": "CVE-2021-30980",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30980"
},
{
"cve": "CVE-2021-30983",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30983"
},
{
"cve": "CVE-2021-30984",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30984"
},
{
"cve": "CVE-2021-30985",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30985"
},
{
"cve": "CVE-2021-30988",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30988"
},
{
"cve": "CVE-2021-30991",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30991"
},
{
"cve": "CVE-2021-30992",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30992"
},
{
"cve": "CVE-2021-30993",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30993"
},
{
"cve": "CVE-2021-30995",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30995"
},
{
"cve": "CVE-2021-30996",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30996"
}
]
}
WID-SEC-W-2026-0631
Vulnerability from csaf_certbund - Published: 2021-12-13 23:00 - Updated: 2026-03-05 23:00Summary
Apple macOS: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff: Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um beliebigen Programmcode auszuführen, beliebigen Programmcode mit Kernel-Privilegien auszuführen, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme: - MacOS X
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um beliebigen Programmcode auszuf\u00fchren, beliebigen Programmcode mit Kernel-Privilegien auszuf\u00fchren, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0631 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2026-0631.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0631 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0631"
},
{
"category": "external",
"summary": "Apple Security Advisroy vom 2021-12-13",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"category": "external",
"summary": "Apple Security Advisroy vom 2021-12-13",
"url": "https://support.apple.com/en-us/HT212981"
},
{
"category": "external",
"summary": "Apple Security Advisroy vom 2021-12-13",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"category": "external",
"summary": "Microsoft 365 Defender Research Team",
"url": "https://www.microsoft.com/security/blog/2022/01/10/new-macos-vulnerability-powerdir-could-lead-to-unauthorized-user-data-access/"
},
{
"category": "external",
"summary": "CISA KEV CVE-2021-30952 von 2026-03-05",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"source_lang": "en-US",
"title": "Apple macOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-05T23:00:00.000+00:00",
"generator": {
"date": "2026-03-06T12:27:25.275+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0631",
"initial_release_date": "2021-12-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2021-12-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-02-24T23:00:00.000+00:00",
"number": "2",
"summary": "PoC aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "3",
"summary": "Exploit aufgenommen CVE-2021-30952"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Monterey \u003c12.1",
"product": {
"name": "Apple macOS Monterey \u003c12.1",
"product_id": "T021280"
}
},
{
"category": "product_version",
"name": "Monterey 12.1",
"product": {
"name": "Apple macOS Monterey 12.1",
"product_id": "T021280-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:monterey__12.1"
}
}
},
{
"category": "product_version",
"name": "Catalina",
"product": {
"name": "Apple macOS Catalina",
"product_id": "T021281",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:catalina"
}
}
},
{
"category": "product_version_range",
"name": "Big Sur \u003c11.6.2",
"product": {
"name": "Apple macOS Big Sur \u003c11.6.2",
"product_id": "T021282"
}
},
{
"category": "product_version",
"name": "Big Sur 11.6.2",
"product": {
"name": "Apple macOS Big Sur 11.6.2",
"product_id": "T021282-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:big_sur__11.6.2"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-30767",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30767"
},
{
"cve": "CVE-2021-30926",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30926"
},
{
"cve": "CVE-2021-30927",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30927"
},
{
"cve": "CVE-2021-30929",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30929"
},
{
"cve": "CVE-2021-30931",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30931"
},
{
"cve": "CVE-2021-30934",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30934"
},
{
"cve": "CVE-2021-30935",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30935"
},
{
"cve": "CVE-2021-30936",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30936"
},
{
"cve": "CVE-2021-30937",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30937"
},
{
"cve": "CVE-2021-30938",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30938"
},
{
"cve": "CVE-2021-30939",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30939"
},
{
"cve": "CVE-2021-30940",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30940"
},
{
"cve": "CVE-2021-30941",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30941"
},
{
"cve": "CVE-2021-30942",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30942"
},
{
"cve": "CVE-2021-30945",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30945"
},
{
"cve": "CVE-2021-30946",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30946"
},
{
"cve": "CVE-2021-30947",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30947"
},
{
"cve": "CVE-2021-30949",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30949"
},
{
"cve": "CVE-2021-30950",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30950"
},
{
"cve": "CVE-2021-30951",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30951"
},
{
"cve": "CVE-2021-30952",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30952"
},
{
"cve": "CVE-2021-30953",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30953"
},
{
"cve": "CVE-2021-30954",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30954"
},
{
"cve": "CVE-2021-30955",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30955"
},
{
"cve": "CVE-2021-30957",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30957"
},
{
"cve": "CVE-2021-30958",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30958"
},
{
"cve": "CVE-2021-30959",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30959"
},
{
"cve": "CVE-2021-30960",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30960"
},
{
"cve": "CVE-2021-30961",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30961"
},
{
"cve": "CVE-2021-30963",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30963"
},
{
"cve": "CVE-2021-30964",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30964"
},
{
"cve": "CVE-2021-30965",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30965"
},
{
"cve": "CVE-2021-30966",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30966"
},
{
"cve": "CVE-2021-30968",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30968"
},
{
"cve": "CVE-2021-30969",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30969"
},
{
"cve": "CVE-2021-30970",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30970"
},
{
"cve": "CVE-2021-30971",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30971"
},
{
"cve": "CVE-2021-30973",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30973"
},
{
"cve": "CVE-2021-30975",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30975"
},
{
"cve": "CVE-2021-30976",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30976"
},
{
"cve": "CVE-2021-30977",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30977"
},
{
"cve": "CVE-2021-30979",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30979"
},
{
"cve": "CVE-2021-30980",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30980"
},
{
"cve": "CVE-2021-30981",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30981"
},
{
"cve": "CVE-2021-30982",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30982"
},
{
"cve": "CVE-2021-30984",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30984"
},
{
"cve": "CVE-2021-30986",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30986"
},
{
"cve": "CVE-2021-30987",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30987"
},
{
"cve": "CVE-2021-30990",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30990"
},
{
"cve": "CVE-2021-30993",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30993"
},
{
"cve": "CVE-2021-30995",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30995"
},
{
"cve": "CVE-2021-30996",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30996"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…