CVE-2021-30807

CVSS 7.8 HIGHEPSS 28.8%● KEVCWE-787

In short

A memory corruption flaw in Apple devices allows malicious apps to run code with kernel-level privileges, the highest access level on a system. This is especially serious because Apple confirmed it was already being exploited in the wild.

Technical detail

Out-of-bounds write vulnerability (CWE-787) affecting macOS Big Sur, iOS 14.7, and iPadOS 14.7 prior to specified patch versions. Local application execution is the attack vector; exploitation requires app installation but grants arbitrary code execution at kernel privilege level. Active exploitation in the wild reported.

Summary generated and translated by AI from the official description.

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Apple · macOS

public PoCs found — 2

githubgithub.com/jsherman212/iomfb-exploit★ 133 githubgithub.com/30440r/gex★ 5

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.apple.com/en-us/HT212622 https://support.apple.com/en-us/HT212623 https://support.apple.com/en-us/HT212713 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30807