CVE-2021-30955

HIGH

macOS Monterey <12.1 - Privilege Escalation

Title source: llm

Description

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.

Exploits (2)

nomisec WORKING POC 19 stars

by GeoSn0w · poc

https://github.com/GeoSn0w/Pentagram-exploit-tester

View Code ZIP pw:eip

inthewild NO CODE

poc

https://github.com/verygenericname/cve-2021-30955-poc-ipa

View Code ZIP pw:eip

References (4)

[Vendor Advisory] https://support.apple.com/en-us/HT212975

[Vendor Advisory] https://support.apple.com/en-us/HT212976

[Vendor Advisory] https://support.apple.com/en-us/HT212978

[Vendor Advisory] https://support.apple.com/en-us/HT212980

Scores

CVSS v3 7.0

EPSS 0.3627

EPSS Percentile 97.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-362

Status published

Products (5)

apple/ipados < 15.2

apple/iphone_os < 15.2

apple/macos < 12.1

apple/tvos < 15.2

apple/watchos < 8.3

Published Aug 24, 2021

Tracked Since Feb 18, 2026