CVE-2021-30928

HIGH

macOS Big Sur <11.6 - Memory Corruption

Title source: llm
STIX 2.1

Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6, watchOS 8, tvOS 15, iOS 14.8 and iPadOS 14.8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution.

References (6)

Core 6
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212804
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212807
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212814
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212819
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212815
Vendor Advisory x_refsource_confirm
https://support.apple.com/kb/HT212953

Scores

CVSS v3 7.8
EPSS 0.0143
EPSS Percentile 69.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (6)
apple/icloud 13.0
apple/ipados < 14.8
apple/iphone_os < 15.0
apple/macos 11.0 - 11.6
apple/tvos < 15.0
apple/watchos < 8.0
Published Aug 24, 2021
Tracked Since Feb 18, 2026