CVE-2021-30753

MEDIUM

macOS Big Sur <11.4 - Info Disclosure

Title source: llm

Description

Processing a maliciously crafted font may result in the disclosure of process memory. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. An out-of-bounds read was addressed with improved input validation.

References (4)

Core References
Vendor Advisory (x_refsource_misc): https://support.apple.com/en-us/HT212528
Vendor Advisory (x_refsource_misc): https://support.apple.com/en-us/HT212529
Vendor Advisory (x_refsource_misc): https://support.apple.com/en-us/HT212532
Vendor Advisory (x_refsource_misc): https://support.apple.com/en-us/HT212533

Scores

CVSS v3: 5.5
EPSS: 0.0027
EPSS Percentile: 50.3%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE: CWE-125
Status: published
Products (5):
apple/ipados < 14.6
apple/iphone_os < 14.6
apple/macos 11.0.1 - 11.4
apple/tvos < 14.6
apple/watchos < 7.5
Published: Sep 08, 2021
Tracked Since: Feb 18, 2026