CVE-2021-30869
HIGH KEViOS <12.5.5, iPadOS <14.4, macOS Big Sur <11.2 - Code Injection
Title source: llmExploitation Summary
CVE-2021-30869 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021.
Description
A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, Security Update 2021-006 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212147
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212146
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212824
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212825
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30869
Scores
CVSS v3
7.8
EPSS
0.0172
EPSS Percentile
82.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2021-11-03
VulnCheck KEV
2021-09-23
InTheWild.io
2021-09-23
ENISA EUVD
EUVD-2021-17786
CWE
CWE-843
Status
published
Products (6)
apple/ipados
< 14.4
apple/iphone_os
12.0 - 12.5.5
apple/mac_os_x
10.14.6 security_update_2019-001 (13 CPE variants)
apple/mac_os_x
10.15.7 (10 CPE variants)
apple/mac_os_x
10.14 - 10.14.6
apple/macos
11.0 - 11.2
Published
Aug 24, 2021
KEV Added
Nov 03, 2021
Tracked Since
Feb 18, 2026