CVE-2021-30837

HIGH

iPadOS < 15.0 - Remote Code Execution

Title source: llm
STIX 2.1

Description

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An application may be able to execute arbitrary code with kernel privileges.

References (6)

Core 6
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212814
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212819
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212815
Mailing List, Release Notes, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2021/Oct/62
Mailing List, Release Notes, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2021/Oct/63
Mailing List, Release Notes, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2021/Oct/61

Scores

CVSS v3 7.8
EPSS 0.0163
EPSS Percentile 73.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (3)
apple/ipados < 15.0
apple/iphone_os < 15.0
apple/tvos < 15.0
Published Oct 19, 2021
Tracked Since Feb 18, 2026