Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-30995 (GCVE-0-2021-30995)
Vulnerability from cvelistv5 – Published: 2021-08-24 18:51 – Updated: 2024-08-03 22:48
VLAI
EPSS
Summary
A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges.
Severity
No CVSS data available.
CWE
- A malicious application may be able to elevate privileges
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212975 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212976 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212978 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212979 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212981 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212980 | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | watchOS |
Affected:
unspecified , < 8.3
(custom)
|
|
| Apple | iOS and iPadOS |
Affected:
unspecified , < 15.2
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < 12.1
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < 11.6
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < 15.2
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < 2021
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:48:14.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212975"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212976"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212978"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212979"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212981"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212980"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A malicious application may be able to elevate privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T15:06:54.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212975"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212976"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212978"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212979"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212981"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212980"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "8.3"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A malicious application may be able to elevate privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212975",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"name": "https://support.apple.com/en-us/HT212976",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"name": "https://support.apple.com/en-us/HT212978",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"name": "https://support.apple.com/en-us/HT212979",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"name": "https://support.apple.com/en-us/HT212981",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212981"
},
{
"name": "https://support.apple.com/en-us/HT212980",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212980"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30995",
"datePublished": "2021-08-24T18:51:33.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:48:14.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-30995",
"date": "2026-05-31",
"epss": "0.00179",
"percentile": "0.392"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-30995\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2021-08-24T19:15:24.157\",\"lastModified\":\"2024-11-21T06:05:07.193\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges.\"},{\"lang\":\"es\",\"value\":\"Se solucion\u00f3 una condici\u00f3n de carrera con un manejo de estado mejorado.\u0026#xa0;Este problema se solucion\u00f3 en macOS Big Sur versi\u00f3n 11.6.2, tvOS versi\u00f3n 15.2, macOS Monterey versi\u00f3n 12.1, actualizaci\u00f3n de seguridad 2021-008 Catalina, iOS versi\u00f3n 15.2 e iPadOS versi\u00f3n 15.2, watchOS versi\u00f3n 8.3.\u0026#xa0;Una aplicaci\u00f3n maliciosa puede elevar los privilegios\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:P\",\"baseScore\":5.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"CCE4E546-A0DD-4E9E-A6B9-C19B04D77466\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"7FB904C1-43D1-4583-8729-5D1B1746A54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.15\",\"versionEndExcluding\":\"10.15.7\",\"matchCriteriaId\":\"DB8A73F8-3074-4B32-B9F6-343B6B1988C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A654B8A2-FC30-4171-B0BB-366CD7ED4B6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F4BF7F-90D4-4668-B4E6-B06F4070F448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F441A43-1669-478D-9EC8-E96882DE4F9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*\",\"matchCriteriaId\":\"D425C653-37A2-448C-BF2F-B684ADB08A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*\",\"matchCriteriaId\":\"A54D63B7-B92B-47C3-B1C5-9892E5873A98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*\",\"matchCriteriaId\":\"3456176F-9185-4EE2-A8CE-3D989D674AB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*\",\"matchCriteriaId\":\"D337EE21-2F00-484D-9285-F2B0248D7A19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*\",\"matchCriteriaId\":\"012052B5-9AA7-4FD3-9C80-5F615330039D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*\",\"matchCriteriaId\":\"50F21A3C-0AC3-48C5-A4F8-5A7B478875B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1C795B9-E58D-467C-83A8-2D45C792292F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.6.2\",\"matchCriteriaId\":\"287EBE44-07C0-41D3-B268-CC86CA5FD792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"12.1\",\"matchCriteriaId\":\"CA118623-E817-42AA-AB39-6239B1284192\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"16CAE2FB-FADC-4BF4-9115-D20D365051BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.3\",\"matchCriteriaId\":\"7A7245FB-6FBE-4C09-80F5-18504CA623B3\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/HT212975\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212976\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212978\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212979\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212980\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212981\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-360/\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212975\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT212976\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT212978\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT212979\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT212980\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/en-us/HT212981\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-360/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2021-AVI-945
Vulnerability from certfr_avis - Published: 2021-12-14 - Updated: 2021-12-14
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | watchOS versions 8.x antérieures à 8.3 | ||
| Apple | N/A | iOS et iPadOS versions 15.x antérieures à 15.2 | ||
| Apple | macOS | macOS Monterey versions 12.x antérieures à 12.1 | ||
| Apple | macOS | macOS Big Sur versions 11.6.x antérieures à 11.6.2 | ||
| Apple | macOS | macOS Catalina versions antérieures à la mise à jour 2021-008 | ||
| Apple | N/A | tvOS versions 15.x antérieures à 15.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "watchOS versions 8.x ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS et iPadOS versions 15.x ant\u00e9rieures \u00e0 15.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Monterey versions 12.x ant\u00e9rieures \u00e0 12.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Big Sur versions 11.6.x ant\u00e9rieures \u00e0 11.6.2",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Catalina versions ant\u00e9rieures \u00e0 la mise \u00e0 jour 2021-008",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions 15.x ant\u00e9rieures \u00e0 15.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-30993",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30993"
},
{
"name": "CVE-2021-30983",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30983"
},
{
"name": "CVE-2021-30971",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30971"
},
{
"name": "CVE-2021-30964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30964"
},
{
"name": "CVE-2021-30957",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30957"
},
{
"name": "CVE-2021-30981",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30981"
},
{
"name": "CVE-2021-30939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30939"
},
{
"name": "CVE-2021-30948",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30948"
},
{
"name": "CVE-2021-30767",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30767"
},
{
"name": "CVE-2021-30987",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30987"
},
{
"name": "CVE-2021-30992",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30992"
},
{
"name": "CVE-2021-30969",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30969"
},
{
"name": "CVE-2021-30963",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30963"
},
{
"name": "CVE-2021-30967",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30967"
},
{
"name": "CVE-2021-30951",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30951"
},
{
"name": "CVE-2021-30986",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30986"
},
{
"name": "CVE-2021-30916",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30916"
},
{
"name": "CVE-2021-30950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30950"
},
{
"name": "CVE-2021-30976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30976"
},
{
"name": "CVE-2021-30965",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30965"
},
{
"name": "CVE-2021-30966",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30966"
},
{
"name": "CVE-2021-30982",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30982"
},
{
"name": "CVE-2021-30941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30941"
},
{
"name": "CVE-2021-30985",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30985"
},
{
"name": "CVE-2021-30958",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30958"
},
{
"name": "CVE-2021-30931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30931"
},
{
"name": "CVE-2021-30960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30960"
},
{
"name": "CVE-2021-30968",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30968"
},
{
"name": "CVE-2021-30945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30945"
},
{
"name": "CVE-2021-30934",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30934"
},
{
"name": "CVE-2021-30947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30947"
},
{
"name": "CVE-2021-30932",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30932"
},
{
"name": "CVE-2021-30979",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30979"
},
{
"name": "CVE-2021-30980",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30980"
},
{
"name": "CVE-2021-30973",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30973"
},
{
"name": "CVE-2021-30970",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30970"
},
{
"name": "CVE-2021-30996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30996"
},
{
"name": "CVE-2021-30940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30940"
},
{
"name": "CVE-2021-30954",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30954"
},
{
"name": "CVE-2021-30977",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30977"
},
{
"name": "CVE-2021-30942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30942"
},
{
"name": "CVE-2021-30990",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30990"
},
{
"name": "CVE-2021-30929",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30929"
},
{
"name": "CVE-2021-30937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30937"
},
{
"name": "CVE-2021-30936",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30936"
},
{
"name": "CVE-2021-30975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30975"
},
{
"name": "CVE-2021-30953",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30953"
},
{
"name": "CVE-2021-30952",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30952"
},
{
"name": "CVE-2021-30949",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30949"
},
{
"name": "CVE-2021-30926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30926"
},
{
"name": "CVE-2021-30946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30946"
},
{
"name": "CVE-2021-30991",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30991"
},
{
"name": "CVE-2021-30935",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30935"
},
{
"name": "CVE-2021-30938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30938"
},
{
"name": "CVE-2021-30955",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30955"
},
{
"name": "CVE-2021-30927",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30927"
},
{
"name": "CVE-2021-30988",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30988"
},
{
"name": "CVE-2021-30959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30959"
},
{
"name": "CVE-2021-30984",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30984"
},
{
"name": "CVE-2021-30995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30995"
},
{
"name": "CVE-2021-30961",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30961"
}
],
"initial_release_date": "2021-12-14T00:00:00",
"last_revision_date": "2021-12-14T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-945",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-12-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service et un contournement de\nla politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212979 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212981 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212981"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212976 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212975 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212978 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212980 du 13 d\u00e9cembre 2021",
"url": "https://support.apple.com/en-us/HT212980"
}
]
}
Title
多款Apple产品竞争条件问题漏洞
Description
Apple iOS是一套为移动设备所开发的操作系统。Apple tvOS是一套智能电视操作系统。Apple watchOS是一套智能手表操作系统。Apple macOS Big Sur是美国苹果(Apple)公司的一个手机应用APP。Apple iPadOS是一套用于iPad平板电脑的操作系统。
多款Apple产品存在竞争条件问题漏洞,攻击者可利用该漏洞提升权限。
Severity
中
Patch Name
多款Apple产品竞争条件问题漏洞的补丁
Patch Description
Apple iOS是一套为移动设备所开发的操作系统。Apple tvOS是一套智能电视操作系统。Apple watchOS是一套智能手表操作系统。Apple macOS Big Sur是美国苹果(Apple)公司的一个手机应用APP。Apple iPadOS是一套用于iPad平板电脑的操作系统。
多款Apple产品存在竞争条件问题漏洞,攻击者可利用该漏洞提升权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://support.apple.com/en-us/HT212976
Reference
https://support.apple.com/en-us/HT212976
Impacted products
| Name | ['Apple tvOS <15.2', 'Apple watchOS <8.3', 'Apple iOS <15.2', 'Apple iPadOS <15.2', 'Apple macOS Big Sur <11.6.2', 'Apple macOS Monterey <12.1', 'Apple macOS Catalina 安全更新 < 2021-008'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2021-30995",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-30995"
}
},
"description": "Apple iOS\u662f\u4e00\u5957\u4e3a\u79fb\u52a8\u8bbe\u5907\u6240\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002Apple tvOS\u662f\u4e00\u5957\u667a\u80fd\u7535\u89c6\u64cd\u4f5c\u7cfb\u7edf\u3002Apple watchOS\u662f\u4e00\u5957\u667a\u80fd\u624b\u8868\u64cd\u4f5c\u7cfb\u7edf\u3002Apple macOS Big Sur\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u624b\u673a\u5e94\u7528APP\u3002Apple iPadOS\u662f\u4e00\u5957\u7528\u4e8eiPad\u5e73\u677f\u7535\u8111\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\n\n\u591a\u6b3eApple\u4ea7\u54c1\u5b58\u5728\u7ade\u4e89\u6761\u4ef6\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.apple.com/en-us/HT212976",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2022-55135",
"openTime": "2022-08-04",
"patchDescription": "Apple iOS\u662f\u4e00\u5957\u4e3a\u79fb\u52a8\u8bbe\u5907\u6240\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002Apple tvOS\u662f\u4e00\u5957\u667a\u80fd\u7535\u89c6\u64cd\u4f5c\u7cfb\u7edf\u3002Apple watchOS\u662f\u4e00\u5957\u667a\u80fd\u624b\u8868\u64cd\u4f5c\u7cfb\u7edf\u3002Apple macOS Big Sur\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u624b\u673a\u5e94\u7528APP\u3002Apple iPadOS\u662f\u4e00\u5957\u7528\u4e8eiPad\u5e73\u677f\u7535\u8111\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eApple\u4ea7\u54c1\u5b58\u5728\u7ade\u4e89\u6761\u4ef6\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eApple\u4ea7\u54c1\u7ade\u4e89\u6761\u4ef6\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Apple tvOS \u003c15.2",
"Apple watchOS \u003c8.3",
"Apple iOS \u003c15.2",
"Apple iPadOS \u003c15.2",
"Apple macOS Big Sur \u003c11.6.2",
"Apple macOS Monterey \u003c12.1",
"Apple macOS Catalina \u5b89\u5168\u66f4\u65b0 \u003c 2021-008"
]
},
"referenceLink": "https://support.apple.com/en-us/HT212976",
"serverity": "\u4e2d",
"submitTime": "2022-04-01",
"title": "\u591a\u6b3eApple\u4ea7\u54c1\u7ade\u4e89\u6761\u4ef6\u95ee\u9898\u6f0f\u6d1e"
}
FKIE_CVE-2021-30995
Vulnerability from fkie_nvd - Published: 2021-08-24 19:15 - Updated: 2024-11-21 06:05
Severity
Summary
A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | ipados | * | |
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | macos | * | |
| apple | macos | * | |
| apple | tvos | * | |
| apple | watchos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE4E546-A0DD-4E9E-A6B9-C19B04D77466",
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FB904C1-43D1-4583-8729-5D1B1746A54C",
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8A73F8-3074-4B32-B9F6-343B6B1988C5",
"versionEndExcluding": "10.15.7",
"versionStartIncluding": "10.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*",
"matchCriteriaId": "A654B8A2-FC30-4171-B0BB-366CD7ED4B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"matchCriteriaId": "F1F4BF7F-90D4-4668-B4E6-B06F4070F448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"matchCriteriaId": "0F441A43-1669-478D-9EC8-E96882DE4F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
"matchCriteriaId": "D425C653-37A2-448C-BF2F-B684ADB08A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
"matchCriteriaId": "A54D63B7-B92B-47C3-B1C5-9892E5873A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*",
"matchCriteriaId": "3456176F-9185-4EE2-A8CE-3D989D674AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*",
"matchCriteriaId": "D337EE21-2F00-484D-9285-F2B0248D7A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
"matchCriteriaId": "012052B5-9AA7-4FD3-9C80-5F615330039D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
"matchCriteriaId": "50F21A3C-0AC3-48C5-A4F8-5A7B478875B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*",
"matchCriteriaId": "C1C795B9-E58D-467C-83A8-2D45C792292F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "287EBE44-07C0-41D3-B268-CC86CA5FD792",
"versionEndExcluding": "11.6.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA118623-E817-42AA-AB39-6239B1284192",
"versionEndExcluding": "12.1",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16CAE2FB-FADC-4BF4-9115-D20D365051BF",
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7245FB-6FBE-4C09-80F5-18504CA623B3",
"versionEndExcluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges."
},
{
"lang": "es",
"value": "Se solucion\u00f3 una condici\u00f3n de carrera con un manejo de estado mejorado.\u0026#xa0;Este problema se solucion\u00f3 en macOS Big Sur versi\u00f3n 11.6.2, tvOS versi\u00f3n 15.2, macOS Monterey versi\u00f3n 12.1, actualizaci\u00f3n de seguridad 2021-008 Catalina, iOS versi\u00f3n 15.2 e iPadOS versi\u00f3n 15.2, watchOS versi\u00f3n 8.3.\u0026#xa0;Una aplicaci\u00f3n maliciosa puede elevar los privilegios"
}
],
"id": "CVE-2021-30995",
"lastModified": "2024-11-21T06:05:07.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-24T19:15:24.157",
"references": [
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212980"
},
{
"source": "product-security@apple.com",
"url": "https://support.apple.com/en-us/HT212981"
},
{
"source": "product-security@apple.com",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/en-us/HT212981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2021-30995
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-30995",
"description": "A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges.",
"id": "GSD-2021-30995"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-30995"
],
"details": "A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges.",
"id": "GSD-2021-30995",
"modified": "2023-12-13T01:23:31.667130Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "8.3"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.1"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.2"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A malicious application may be able to elevate privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212975",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212975"
},
{
"name": "https://support.apple.com/en-us/HT212976",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"name": "https://support.apple.com/en-us/HT212978",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"name": "https://support.apple.com/en-us/HT212979",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"name": "https://support.apple.com/en-us/HT212981",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212981"
},
{
"name": "https://support.apple.com/en-us/HT212980",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212980"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.15.7",
"versionStartIncluding": "10.15",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-30995"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212975",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212975"
},
{
"name": "https://support.apple.com/en-us/HT212978",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212978"
},
{
"name": "https://support.apple.com/en-us/HT212979",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212979"
},
{
"name": "https://support.apple.com/en-us/HT212976",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212976"
},
{
"name": "https://support.apple.com/en-us/HT212981",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212981"
},
{
"name": "https://support.apple.com/en-us/HT212980",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT212980"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-360/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-02-21T04:59Z",
"publishedDate": "2021-08-24T19:15Z"
}
}
}
VAR-202108-1149
Vulnerability from variot - Updated: 2024-08-14 12:33A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges. iPadOS , iOS , Apple Mac OS X Race condition vulnerabilities exist in multiple Apple products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of directory paths. An attacker can leverage this vulnerability to escalate privileges from low integrity and execute code in the context of root. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple watchOS is a smart watch operating system. Apple macOS Big Sur is a mobile application APP of Apple (Apple). Apple iPadOS is an operating system for iPad tablets. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2021-12-15-5 tvOS 15.2
tvOS 15.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212980.
Audio Available for: Apple TV 4K and Apple TV HD Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30960: JunDong Xie of Ant Security Light-Year Lab
CFNetwork Proxies Available for: Apple TV 4K and Apple TV HD Impact: User traffic might unexpectedly be leaked to a proxy server despite PAC configurations Description: A logic issue was addressed with improved state management. CVE-2021-30966: Michal Rajcan of Jamf, Matt Vlasach of Jamf (Wandera)
ColorSync Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. CVE-2021-30926: Jeremy Brown CVE-2021-30942: Mateusz Jurczyk of Google Project Zero
CoreAudio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30957: JunDong Xie of Ant Security Light-Year Lab
CoreAudio Available for: Apple TV 4K and Apple TV HD Impact: Playing a malicious audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30958: JunDong Xie of Ant Security Light-Year Lab
Crash Reporter Available for: Apple TV 4K and Apple TV HD Impact: A local attacker may be able to elevate their privileges Description: This issue was addressed with improved checks. CVE-2021-30945: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)
ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30939: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin (@patch1t) of Trend Micro
Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2021-30916: Zweig of Kunlun Lab
Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2021-30937: Sergei Glazunov of Google Project Zero
Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2021-30927: Xinru Chi of Pangu Lab CVE-2021-30980: Xinru Chi of Pangu Lab
Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2021-30949: Ian Beer of Google Project Zero
Kernel Available for: Apple TV 4K and Apple TV HD Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30993: OSS-Fuzz, Ned Williamson of Google Project Zero
Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2021-30955: Zweig of Kunlun Lab
Preferences Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to elevate privileges Description: A race condition was addressed with improved state handling. CVE-2021-30995: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin (@patch1t)
Sandbox Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to bypass certain Privacy preferences Description: A validation issue related to hard link behavior was addressed with improved sandbox restrictions. CVE-2021-30968: Csaba Fitzl (@theevilbit) of Offensive Security
Sandbox Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to access a user's files Description: An access issue was addressed with additional sandbox restrictions. CVE-2021-30947: Csaba Fitzl (@theevilbit) of Offensive Security
WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30934: Dani Biro
WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-30936: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab CVE-2021-30951: Pangu
WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An integer overflow was addressed with improved input validation. CVE-2021-30952: WeBin
WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A race condition was addressed with improved state handling. CVE-2021-30984: Kunlun Lab
WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30953: VRIJ
WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2021-30954: Kunlun Lab
Additional recognition
Bluetooth We would like to acknowledge Haram Park, Korea University for their assistance.
ColorSync We would like to acknowledge Mateusz Jurczyk of Google Project Zero for their assistance.
Contacts We would like to acknowledge Minchan Park (03stin) for their assistance.
Kernel We would like to acknowledge Amit Klein of Bar-Ilan University's Center for Research in Applied Cryptography and Cyber Security for their assistance.
WebKit We would like to acknowledge Jzhu, Peter Snyder of Brave, and Soroush Karami for their assistance.
Installation note:
Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software."
To check the current version of software, select "Settings -> General -> About."
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmG6UnYACgkQeC9qKD1p rhhvQw/+NiacWivmfnU4j3XbNMoxg7qvAKQtB8RTlz0h3vco6HoUBy1Y0X+dIvCr rCD6wuZZfnRF9DxpD3iPH2b1q0pEEJ1WVfYjG+3s3yuzZgskBkikcQ6vGFEHSQJL w+8tNQndjKIi45zlJJc2UO6lRmEWH5jGwqD3TCFJgruhBs1YM0Pp7vgqk0DTqmRf cE6DLKEbDCmeGklEmXxd4SHT45tLzTkbmHHE5cKnqJKMiM5Nv8Ds9ogwTxkOKBX1 vRxREGFwJrlF0/sX8TUhPWaqQnSles5RU0oiGT8Arag7njkhdaiOiZUYhtZRwAhl vAnfymJJ0JHWmuznMfgufIt65F46lZHc5FlpFGLAh9IblbqAxHwXsr4aIhFKNIWB 9O4QJnHfpdVutUFmF7sVvjYx6ePWzgdBBFpQO6MER61GA5cggHtwMXLRsmFCjIf+ nfaNSzQr6V2TeOk6//HpoRrhNjSs/dasedju/4G0hLK1L3YEitDRH4aERxjYysPp IduZRgaYfJWGOeIPAUeNtCHf88f7dS3dQUXLITDaQLOjRXbQgwegmYAPihkfCqS1 1tBXAXEPmBg0PIUnnBiZVhMPbFyQhJ9iC8rHrlmnLh6xnAb8pe8wo3xYH3115oS/ 31pvkkIamh7WZzbQ3+uzWOcGCI2zjtdA0+zHQxnBCveunoVum7c=TJJV -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-1149",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipados",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.2"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.1"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.2"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.15"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.2"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.6.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "8.3"
},
{
"model": "ipados",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "tvos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": "8.3"
},
{
"model": "apple mac os x",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "ios",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "macos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "macos",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"db": "NVD",
"id": "CVE-2021-30995"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mickey Jin (@patch1t) of Trend Micro",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2104"
}
],
"trust": 1.3
},
"cve": "CVE-2021-30995",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2021-30995",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-390728",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.0,
"id": "CVE-2021-30995",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-30995",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-30995",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30995",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-30995",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-30995",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-2104",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-390728",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"db": "VULHUB",
"id": "VHN-390728"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2104"
},
{
"db": "NVD",
"id": "CVE-2021-30995"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges. iPadOS , iOS , Apple Mac OS X Race condition vulnerabilities exist in multiple Apple products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of directory paths. An attacker can leverage this vulnerability to escalate privileges from low integrity and execute code in the context of root. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple watchOS is a smart watch operating system. Apple macOS Big Sur is a mobile application APP of Apple (Apple). Apple iPadOS is an operating system for iPad tablets. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2021-12-15-5 tvOS 15.2\n\ntvOS 15.2 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT212980. \n\nAudio\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Parsing a maliciously crafted audio file may lead to\ndisclosure of user information\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2021-30960: JunDong Xie of Ant Security Light-Year Lab\n\nCFNetwork Proxies\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: User traffic might unexpectedly be leaked to a proxy server\ndespite PAC configurations\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30966: Michal Rajcan of Jamf, Matt Vlasach of Jamf (Wandera)\n\nColorSync\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue in the processing of ICC\nprofiles was addressed with improved input validation. \nCVE-2021-30926: Jeremy Brown\nCVE-2021-30942: Mateusz Jurczyk of Google Project Zero\n\nCoreAudio\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2021-30957: JunDong Xie of Ant Security Light-Year Lab\n\nCoreAudio\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Playing a malicious audio file may lead to arbitrary code\nexecution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2021-30958: JunDong Xie of Ant Security Light-Year Lab\n\nCrash Reporter\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A local attacker may be able to elevate their privileges\nDescription: This issue was addressed with improved checks. \nCVE-2021-30945: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)\nof Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nImageIO\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2021-30939: Rui Yang and Xingwei Lin of Ant Security Light-Year\nLab, Mickey Jin (@patch1t) of Trend Micro\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2021-30916: Zweig of Kunlun Lab\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption vulnerability was addressed with\nimproved locking. \nCVE-2021-30937: Sergei Glazunov of Google Project Zero\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2021-30927: Xinru Chi of Pangu Lab\nCVE-2021-30980: Xinru Chi of Pangu Lab\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2021-30949: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: An attacker in a privileged network position may be able to\nexecute arbitrary code\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2021-30993: OSS-Fuzz, Ned Williamson of Google Project Zero\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A race condition was addressed with improved state\nhandling. \nCVE-2021-30955: Zweig of Kunlun Lab\n\nPreferences\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to elevate privileges\nDescription: A race condition was addressed with improved state\nhandling. \nCVE-2021-30995: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin\n(@patch1t)\n\nSandbox\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to bypass certain Privacy\npreferences\nDescription: A validation issue related to hard link behavior was\naddressed with improved sandbox restrictions. \nCVE-2021-30968: Csaba Fitzl (@theevilbit) of Offensive Security\n\nSandbox\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: An application may be able to access a user\u0027s files\nDescription: An access issue was addressed with additional sandbox\nrestrictions. \nCVE-2021-30947: Csaba Fitzl (@theevilbit) of Offensive Security\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2021-30934: Dani Biro\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2021-30936: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua\nwingtecher lab\nCVE-2021-30951: Pangu\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: An integer overflow was addressed with improved input\nvalidation. \nCVE-2021-30952: WeBin\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A race condition was addressed with improved state\nhandling. \nCVE-2021-30984: Kunlun Lab\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2021-30953: VRIJ\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A type confusion issue was addressed with improved\nmemory handling. \nCVE-2021-30954: Kunlun Lab\n\nAdditional recognition\n\nBluetooth\nWe would like to acknowledge Haram Park, Korea University for their\nassistance. \n\nColorSync\nWe would like to acknowledge Mateusz Jurczyk of Google Project Zero\nfor their assistance. \n\nContacts\nWe would like to acknowledge Minchan Park (03stin) for their\nassistance. \n\nKernel\nWe would like to acknowledge Amit Klein of Bar-Ilan University\u0027s\nCenter for Research in Applied Cryptography and Cyber Security for\ntheir assistance. \n\nWebKit\nWe would like to acknowledge Jzhu, Peter Snyder of Brave, and Soroush\nKarami for their assistance. \n\nInstallation note:\n\nApple TV will periodically check for software updates. Alternatively,\nyou may manually check for software updates by selecting\n\"Settings -\u003e System -\u003e Software Update -\u003e Update Software.\"\n\nTo check the current version of software, select\n\"Settings -\u003e General -\u003e About.\"\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmG6UnYACgkQeC9qKD1p\nrhhvQw/+NiacWivmfnU4j3XbNMoxg7qvAKQtB8RTlz0h3vco6HoUBy1Y0X+dIvCr\nrCD6wuZZfnRF9DxpD3iPH2b1q0pEEJ1WVfYjG+3s3yuzZgskBkikcQ6vGFEHSQJL\nw+8tNQndjKIi45zlJJc2UO6lRmEWH5jGwqD3TCFJgruhBs1YM0Pp7vgqk0DTqmRf\ncE6DLKEbDCmeGklEmXxd4SHT45tLzTkbmHHE5cKnqJKMiM5Nv8Ds9ogwTxkOKBX1\nvRxREGFwJrlF0/sX8TUhPWaqQnSles5RU0oiGT8Arag7njkhdaiOiZUYhtZRwAhl\nvAnfymJJ0JHWmuznMfgufIt65F46lZHc5FlpFGLAh9IblbqAxHwXsr4aIhFKNIWB\n9O4QJnHfpdVutUFmF7sVvjYx6ePWzgdBBFpQO6MER61GA5cggHtwMXLRsmFCjIf+\nnfaNSzQr6V2TeOk6//HpoRrhNjSs/dasedju/4G0hLK1L3YEitDRH4aERxjYysPp\nIduZRgaYfJWGOeIPAUeNtCHf88f7dS3dQUXLITDaQLOjRXbQgwegmYAPihkfCqS1\n1tBXAXEPmBg0PIUnnBiZVhMPbFyQhJ9iC8rHrlmnLh6xnAb8pe8wo3xYH3115oS/\n31pvkkIamh7WZzbQ3+uzWOcGCI2zjtdA0+zHQxnBCveunoVum7c=TJJV\n-----END PGP SIGNATURE-----\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30995"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"db": "VULHUB",
"id": "VHN-390728"
},
{
"db": "VULMON",
"id": "CVE-2021-30995"
},
{
"db": "PACKETSTORM",
"id": "165358"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30995",
"trust": 4.2
},
{
"db": "ZDI",
"id": "ZDI-22-360",
"trust": 3.2
},
{
"db": "PACKETSTORM",
"id": "165358",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021076",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15320",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.4260",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021121434",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2104",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2022-55135",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-390728",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-30995",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"db": "VULHUB",
"id": "VHN-390728"
},
{
"db": "VULMON",
"id": "CVE-2021-30995"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"db": "PACKETSTORM",
"id": "165358"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2104"
},
{
"db": "NVD",
"id": "CVE-2021-30995"
}
]
},
"id": "VAR-202108-1149",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-390728"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:33:37.328000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT212980 Apple\u00a0 Security update",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT212975"
},
{
"title": "Apple has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://support.apple.com/HT212979"
},
{
"title": "Apple iOS and iPadOS Repair measures for the competition condition problem loophole",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176806"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2104"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.1
},
{
"problemtype": "Race condition (CWE-362) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390728"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"db": "NVD",
"id": "CVE-2021-30995"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-360/"
},
{
"trust": 2.3,
"url": "https://support.apple.com/en-us/ht212976"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212975"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212978"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212979"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212980"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212981"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30995"
},
{
"trust": 0.7,
"url": "https://support.apple.com/ht212979"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/165358/apple-security-advisory-2021-12-15-5.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.4260"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-37064"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021121434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30966"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30936"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30957"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30953"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30958"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30952"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30927"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30945"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30939"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30955"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30951"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30937"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht212980."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30954"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30934"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30968"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30949"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30947"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30942"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"db": "VULHUB",
"id": "VHN-390728"
},
{
"db": "VULMON",
"id": "CVE-2021-30995"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"db": "PACKETSTORM",
"id": "165358"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2104"
},
{
"db": "NVD",
"id": "CVE-2021-30995"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"db": "VULHUB",
"id": "VHN-390728"
},
{
"db": "VULMON",
"id": "CVE-2021-30995"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"db": "PACKETSTORM",
"id": "165358"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-2104"
},
{
"db": "NVD",
"id": "CVE-2021-30995"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-16T00:00:00",
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"date": "2021-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-390728"
},
{
"date": "2021-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30995"
},
{
"date": "2024-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"date": "2021-12-17T19:19:55",
"db": "PACKETSTORM",
"id": "165358"
},
{
"date": "2021-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-2104"
},
{
"date": "2021-08-24T19:15:24.157000",
"db": "NVD",
"id": "CVE-2021-30995"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-16T00:00:00",
"db": "ZDI",
"id": "ZDI-22-360"
},
{
"date": "2022-02-21T00:00:00",
"db": "VULHUB",
"id": "VHN-390728"
},
{
"date": "2021-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30995"
},
{
"date": "2024-07-17T06:55:00",
"db": "JVNDB",
"id": "JVNDB-2021-021076"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-2104"
},
{
"date": "2023-11-07T03:34:15.133000",
"db": "NVD",
"id": "CVE-2021-30995"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-2104"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition vulnerability in multiple Apple products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021076"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competition condition problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-2104"
}
],
"trust": 0.6
}
}
WID-SEC-W-2022-0489
Vulnerability from csaf_certbund - Published: 2021-12-13 23:00 - Updated: 2026-03-05 23:00Summary
Apple iOS: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das Apple iOS (vormals iPhone OS) ist das Betriebssystem für das von Apple entwickelte Smartphone iPhone, iPad und iPod Touch.
Das Apple iPadOS ist das Betriebssystem für das von Apple entwickelte iPad.
Das Apple iPhone ist ein Mobiltelefon mit dem Betriebssystem iOS.
Das Apple iPad ist ein Tablet mit dem Betriebssystem iPadOS.
Angriff: Ein entfernter, anonymer, physischer oder lokaler Angreifer kann mehrere Schwachstellen in Apple iOS, Apple iPadOS, Apple iPhone und Apple iPad ausnutzen, um beliebigen Programmcode auszuführen, beliebigen Programmcode mit Kernel-Privilegien auszuführen, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen, Sicherheitsmaßnahmen zu umgehen und Dateien zu manipulieren.
Betroffene Betriebssysteme: - iPhoneOS
- Sonstiges
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple iPhone
Apple
|
cpe:/h:apple:iphone:-
|
— | |
|
Apple iPad
Apple
|
cpe:/h:apple:ipad:-
|
— | |
|
Apple iPadOS <15.2
Apple / iPadOS
|
<15.2 | ||
|
Apple iOS <15.2
Apple / iOS
|
<15.2 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Apple iOS (vormals iPhone OS) ist das Betriebssystem f\u00fcr das von Apple entwickelte Smartphone iPhone, iPad und iPod Touch.\r\nDas Apple iPadOS ist das Betriebssystem f\u00fcr das von Apple entwickelte iPad.\r\nDas Apple iPhone ist ein Mobiltelefon mit dem Betriebssystem iOS.\r\nDas Apple iPad ist ein Tablet mit dem Betriebssystem iPadOS.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, physischer oder lokaler Angreifer kann mehrere Schwachstellen in Apple iOS, Apple iPadOS, Apple iPhone und Apple iPad ausnutzen, um beliebigen Programmcode auszuf\u00fchren, beliebigen Programmcode mit Kernel-Privilegien auszuf\u00fchren, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen, Sicherheitsma\u00dfnahmen zu umgehen und Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- iPhoneOS\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0489 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0489.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0489 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0489"
},
{
"category": "external",
"summary": "Apple Security Advisroy vom 2021-12-13",
"url": "https://support.apple.com/en-us/HT212976"
},
{
"category": "external",
"summary": "CISA Known Exploited Vulnerabilities Catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "external",
"summary": "CISA KEV CVE-2021-30952 von 2026-03-05",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"source_lang": "en-US",
"title": "Apple iOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-05T23:00:00.000+00:00",
"generator": {
"date": "2026-03-06T12:27:23.043+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2022-0489",
"initial_release_date": "2021-12-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2021-12-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-06-27T22:00:00.000+00:00",
"number": "2",
"summary": "Exploit aufgenommen"
},
{
"date": "2022-06-28T22:00:00.000+00:00",
"number": "3",
"summary": "Schreibfehler korrigiert"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "4",
"summary": "Exploit aufgenommen CVE-2021-30952"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.2",
"product": {
"name": "Apple iOS \u003c15.2",
"product_id": "T021275"
}
},
{
"category": "product_version",
"name": "15.2",
"product": {
"name": "Apple iOS 15.2",
"product_id": "T021275-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:iphone_os:15.2"
}
}
}
],
"category": "product_name",
"name": "iOS"
},
{
"category": "product_name",
"name": "Apple iPad",
"product": {
"name": "Apple iPad",
"product_id": "130413",
"product_identification_helper": {
"cpe": "cpe:/h:apple:ipad:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.2",
"product": {
"name": "Apple iPadOS \u003c15.2",
"product_id": "T021276"
}
},
{
"category": "product_version",
"name": "15.2",
"product": {
"name": "Apple iPadOS 15.2",
"product_id": "T021276-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:ipados:15.2"
}
}
}
],
"category": "product_name",
"name": "iPadOS"
},
{
"category": "product_name",
"name": "Apple iPhone",
"product": {
"name": "Apple iPhone",
"product_id": "693",
"product_identification_helper": {
"cpe": "cpe:/h:apple:iphone:-"
}
}
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-30767",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30767"
},
{
"cve": "CVE-2021-30926",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30926"
},
{
"cve": "CVE-2021-30927",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30927"
},
{
"cve": "CVE-2021-30929",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30929"
},
{
"cve": "CVE-2021-30932",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30932"
},
{
"cve": "CVE-2021-30934",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30934"
},
{
"cve": "CVE-2021-30936",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30936"
},
{
"cve": "CVE-2021-30937",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30937"
},
{
"cve": "CVE-2021-30939",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30939"
},
{
"cve": "CVE-2021-30940",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30940"
},
{
"cve": "CVE-2021-30941",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30941"
},
{
"cve": "CVE-2021-30942",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30942"
},
{
"cve": "CVE-2021-30945",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30945"
},
{
"cve": "CVE-2021-30946",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30946"
},
{
"cve": "CVE-2021-30947",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30947"
},
{
"cve": "CVE-2021-30948",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30948"
},
{
"cve": "CVE-2021-30949",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30949"
},
{
"cve": "CVE-2021-30951",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30951"
},
{
"cve": "CVE-2021-30952",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30952"
},
{
"cve": "CVE-2021-30953",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30953"
},
{
"cve": "CVE-2021-30954",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30954"
},
{
"cve": "CVE-2021-30955",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30955"
},
{
"cve": "CVE-2021-30957",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30957"
},
{
"cve": "CVE-2021-30958",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30958"
},
{
"cve": "CVE-2021-30960",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30960"
},
{
"cve": "CVE-2021-30964",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30964"
},
{
"cve": "CVE-2021-30966",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30966"
},
{
"cve": "CVE-2021-30967",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30967"
},
{
"cve": "CVE-2021-30968",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30968"
},
{
"cve": "CVE-2021-30971",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30971"
},
{
"cve": "CVE-2021-30973",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30973"
},
{
"cve": "CVE-2021-30979",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30979"
},
{
"cve": "CVE-2021-30980",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30980"
},
{
"cve": "CVE-2021-30983",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30983"
},
{
"cve": "CVE-2021-30984",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30984"
},
{
"cve": "CVE-2021-30985",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30985"
},
{
"cve": "CVE-2021-30988",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30988"
},
{
"cve": "CVE-2021-30991",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30991"
},
{
"cve": "CVE-2021-30992",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30992"
},
{
"cve": "CVE-2021-30993",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30993"
},
{
"cve": "CVE-2021-30995",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30995"
},
{
"cve": "CVE-2021-30996",
"product_status": {
"known_affected": [
"693",
"130413",
"T021276",
"T021275"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30996"
}
]
}
WID-SEC-W-2026-0631
Vulnerability from csaf_certbund - Published: 2021-12-13 23:00 - Updated: 2026-03-05 23:00Summary
Apple macOS: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff: Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um beliebigen Programmcode auszuführen, beliebigen Programmcode mit Kernel-Privilegien auszuführen, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme: - MacOS X
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple macOS Monterey <12.1
Apple / macOS
|
Monterey <12.1 | ||
|
Apple macOS Big Sur <11.6.2
Apple / macOS
|
Big Sur <11.6.2 | ||
|
Apple macOS Catalina
Apple / macOS
|
cpe:/o:apple:mac_os:catalina
|
Catalina |
References
7 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um beliebigen Programmcode auszuf\u00fchren, beliebigen Programmcode mit Kernel-Privilegien auszuf\u00fchren, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0631 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2026-0631.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0631 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0631"
},
{
"category": "external",
"summary": "Apple Security Advisroy vom 2021-12-13",
"url": "https://support.apple.com/en-us/HT212978"
},
{
"category": "external",
"summary": "Apple Security Advisroy vom 2021-12-13",
"url": "https://support.apple.com/en-us/HT212981"
},
{
"category": "external",
"summary": "Apple Security Advisroy vom 2021-12-13",
"url": "https://support.apple.com/en-us/HT212979"
},
{
"category": "external",
"summary": "Microsoft 365 Defender Research Team",
"url": "https://www.microsoft.com/security/blog/2022/01/10/new-macos-vulnerability-powerdir-could-lead-to-unauthorized-user-data-access/"
},
{
"category": "external",
"summary": "CISA KEV CVE-2021-30952 von 2026-03-05",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"source_lang": "en-US",
"title": "Apple macOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-05T23:00:00.000+00:00",
"generator": {
"date": "2026-03-06T12:27:25.275+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0631",
"initial_release_date": "2021-12-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2021-12-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-02-24T23:00:00.000+00:00",
"number": "2",
"summary": "PoC aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "3",
"summary": "Exploit aufgenommen CVE-2021-30952"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Monterey \u003c12.1",
"product": {
"name": "Apple macOS Monterey \u003c12.1",
"product_id": "T021280"
}
},
{
"category": "product_version",
"name": "Monterey 12.1",
"product": {
"name": "Apple macOS Monterey 12.1",
"product_id": "T021280-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:monterey__12.1"
}
}
},
{
"category": "product_version",
"name": "Catalina",
"product": {
"name": "Apple macOS Catalina",
"product_id": "T021281",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:catalina"
}
}
},
{
"category": "product_version_range",
"name": "Big Sur \u003c11.6.2",
"product": {
"name": "Apple macOS Big Sur \u003c11.6.2",
"product_id": "T021282"
}
},
{
"category": "product_version",
"name": "Big Sur 11.6.2",
"product": {
"name": "Apple macOS Big Sur 11.6.2",
"product_id": "T021282-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:big_sur__11.6.2"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-30767",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30767"
},
{
"cve": "CVE-2021-30926",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30926"
},
{
"cve": "CVE-2021-30927",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30927"
},
{
"cve": "CVE-2021-30929",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30929"
},
{
"cve": "CVE-2021-30931",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30931"
},
{
"cve": "CVE-2021-30934",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30934"
},
{
"cve": "CVE-2021-30935",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30935"
},
{
"cve": "CVE-2021-30936",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30936"
},
{
"cve": "CVE-2021-30937",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30937"
},
{
"cve": "CVE-2021-30938",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30938"
},
{
"cve": "CVE-2021-30939",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30939"
},
{
"cve": "CVE-2021-30940",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30940"
},
{
"cve": "CVE-2021-30941",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30941"
},
{
"cve": "CVE-2021-30942",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30942"
},
{
"cve": "CVE-2021-30945",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30945"
},
{
"cve": "CVE-2021-30946",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30946"
},
{
"cve": "CVE-2021-30947",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30947"
},
{
"cve": "CVE-2021-30949",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30949"
},
{
"cve": "CVE-2021-30950",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30950"
},
{
"cve": "CVE-2021-30951",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30951"
},
{
"cve": "CVE-2021-30952",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30952"
},
{
"cve": "CVE-2021-30953",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30953"
},
{
"cve": "CVE-2021-30954",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30954"
},
{
"cve": "CVE-2021-30955",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30955"
},
{
"cve": "CVE-2021-30957",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30957"
},
{
"cve": "CVE-2021-30958",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30958"
},
{
"cve": "CVE-2021-30959",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30959"
},
{
"cve": "CVE-2021-30960",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30960"
},
{
"cve": "CVE-2021-30961",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30961"
},
{
"cve": "CVE-2021-30963",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30963"
},
{
"cve": "CVE-2021-30964",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30964"
},
{
"cve": "CVE-2021-30965",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30965"
},
{
"cve": "CVE-2021-30966",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30966"
},
{
"cve": "CVE-2021-30968",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30968"
},
{
"cve": "CVE-2021-30969",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30969"
},
{
"cve": "CVE-2021-30970",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30970"
},
{
"cve": "CVE-2021-30971",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30971"
},
{
"cve": "CVE-2021-30973",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30973"
},
{
"cve": "CVE-2021-30975",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30975"
},
{
"cve": "CVE-2021-30976",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30976"
},
{
"cve": "CVE-2021-30977",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30977"
},
{
"cve": "CVE-2021-30979",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30979"
},
{
"cve": "CVE-2021-30980",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30980"
},
{
"cve": "CVE-2021-30981",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30981"
},
{
"cve": "CVE-2021-30982",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30982"
},
{
"cve": "CVE-2021-30984",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30984"
},
{
"cve": "CVE-2021-30986",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30986"
},
{
"cve": "CVE-2021-30987",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30987"
},
{
"cve": "CVE-2021-30990",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30990"
},
{
"cve": "CVE-2021-30993",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30993"
},
{
"cve": "CVE-2021-30995",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30995"
},
{
"cve": "CVE-2021-30996",
"product_status": {
"known_affected": [
"T021280",
"T021282",
"T021281"
]
},
"release_date": "2021-12-13T23:00:00.000+00:00",
"title": "CVE-2021-30996"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…