CVE-2021-30852

HIGH

iOS <14.8 - RCE

Title source: llm
STIX 2.1

Description

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.

References (6)

Core 6
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212815
Vendor Advisory x_refsource_confirm
https://support.apple.com/kb/HT212869
Vendor Advisory x_refsource_confirm
https://support.apple.com/kb/HT212953
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212807
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212814
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212819

Scores

CVSS v3 8.8
EPSS 0.0063
EPSS Percentile 70.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-843
Status published
Products (5)
apple/ipados < 14.8
apple/iphone_os < 14.8
apple/macos < 12.0.1
apple/tvos < 15.0
apple/watchos < 8.0
Published Aug 24, 2021
Tracked Since Feb 18, 2026