CVE-2021-30909

high

Description

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges.

References

https://support.apple.com/en-us/HT212876

https://support.apple.com/en-us/HT212874

https://support.apple.com/en-us/HT212868

https://support.apple.com/en-us/HT212869

https://support.apple.com/en-us/HT212867

https://support.apple.com/en-us/HT212871

https://support.apple.com/en-us/HT212872

Details

Source: MITRE

Published: 2021-08-24

Updated: 2021-11-02

Type: CWE-787

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH