CVE-2021-30883

HIGH KEV

Apple <15.0.2-14.8.1 - Memory Corruption

Title source: llm

Exploitation Summary

CVE-2021-30883 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 23, 2022. EIP tracks 1 public exploit.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2021-30883, an integer overflow vulnerability in IOMobileFrameBuffer (IOMFB) on iOS 15.0.2. The exploit demonstrates memory corruption via a 32-bit integer overflow in the `BilerpGainTable::new_from_data` function, accessible from the app sandbox without special entitlements.

Description

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

Exploits (1)

vulncheck_xdb WORKING POC

local

https://github.com/saaramar/IOMFB_integer_overflow_poc

View Code ZIP pw:eip

This repository contains a functional proof-of-concept exploit for CVE-2021-30883, an integer overflow vulnerability in IOMobileFrameBuffer (IOMFB) on iOS 15.0.2. The exploit demonstrates memory corruption via a 32-bit integer overflow in the `BilerpGainTable::new_from_data` function, accessible from the app sandbox without special entitlements.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Apple iOS (IOMobileFrameBuffer/AppleCLCD) versions up to 15.0.2

No auth needed

Prerequisites: iOS device running a vulnerable version (tested on 14.7.1 and 15.0) · ability to deploy an app to the device

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548 - Abuse Elevation Control Mechanism

devstral-2 · analyzed Feb 25, 2026 Full analysis →