CVE-2021-30770

MEDIUM

iPhone OS < 14.7 - Kernel Memory Mitigation Bypass

Title source: llm

Description

A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

References (3)

Core 3

Core References

Release Notes, Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT212601

Release Notes, Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT212605

Release Notes, Vendor Advisory x_refsource_misc

https://support.apple.com/en-us/HT212604

Scores

CVSS v3 5.5

EPSS 0.0037

EPSS Percentile 28.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-287

Status published

Products (3)

apple/iphone_os < 14.7

apple/tvos < 14.7

apple/watchos < 7.6

Published Sep 08, 2021

Tracked Since Feb 18, 2026