macOS 10.15.x < 10.15.7 Security Update 2021-003 Catalina (HT212530)

critical Nessus Plugin ID 149984

Synopsis

The remote host is missing a macOS security update.

Description

The remote host is running a version of macOS / Mac OS X that is 10.15.x prior to 10.15.7 Security Update 2021-003 Catalina. It is, therefore, affected by multiple vulnerabilities, including the following:

- A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2021-30712)

- A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2021-30678)

- An application may be able to execute arbitrary code with kernel privileges. (CVE-2021-30704)

Note that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.

Solution

Upgrade to macOS 10.15.7 Security Update 2021-003 Catalina or later.

See Also

https://support.apple.com/en-us/HT212530

Plugin Details

Severity: Critical

ID: 149984

File Name: macos_HT212530.nasl

Version: 1.7

Type: local

Agent: macosx

Published: 5/26/2021

Updated: 5/10/2022

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2021-30728

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2021-30678

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x, cpe:/o:apple:macos

Exploit Ease: No known exploits are available

Patch Publication Date: 5/24/2021

Vulnerability Publication Date: 5/24/2021

Reference Information

CVE: CVE-2020-36221, CVE-2020-36222, CVE-2020-36223, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226, CVE-2020-36227, CVE-2020-36228, CVE-2020-36229, CVE-2020-36230, CVE-2021-1883, CVE-2021-1884, CVE-2021-30669, CVE-2021-30671, CVE-2021-30673, CVE-2021-30676, CVE-2021-30678, CVE-2021-30679, CVE-2021-30681, CVE-2021-30683, CVE-2021-30684, CVE-2021-30685, CVE-2021-30687, CVE-2021-30691, CVE-2021-30692, CVE-2021-30693, CVE-2021-30694, CVE-2021-30695, CVE-2021-30697, CVE-2021-30701, CVE-2021-30702, CVE-2021-30704, CVE-2021-30705, CVE-2021-30708, CVE-2021-30709, CVE-2021-30710, CVE-2021-30712, CVE-2021-30715, CVE-2021-30716, CVE-2021-30717, CVE-2021-30721, CVE-2021-30722, CVE-2021-30723, CVE-2021-30724, CVE-2021-30725, CVE-2021-30728, CVE-2021-30743, CVE-2021-30746

APPLE-SA: APPLE-SA-2021-05-25-4, HT212530

IAVA: 2021-A-0251-S