CVE-2021-1831
MEDIUMiPadOS < 14.5 - Unprotected User Data Exposure via Shortcuts
Title source: llmDescription
The issue was addressed with improved permissions logic. This issue is fixed in iOS 14.5 and iPadOS 14.5. An application may allow shortcuts to access restricted files.
References (1)
Core 1
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212317
Scores
CVSS v3
5.5
EPSS
0.0094
EPSS Percentile
56.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Details
CWE
CWE-276
Status
published
Products (2)
apple/ipados
< 14.5
apple/iphone_os
< 14.5
Published
Sep 08, 2021
Tracked Since
Feb 18, 2026