Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-30883
HistoryAug 24, 2021 - 7:15 p.m.

CVE-2021-30883

2021-08-2419:15:16
CWE-787
[email protected]
web.nvd.nist.gov
8
memory corruption
improved memory handling
apple operating systems
cve-2021-30883
arbitrary code execution
kernel privileges
actively exploited
security issue

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

60.7%

JSON

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited…

Affected configurations

Nvd
Node
appleipad_osRange<14.8.1
OR
appleipadosRange15.0–15.0.2
OR
appleiphone_osRange<14.8.1
OR
appleiphone_osRange15.0–15.0.2
OR
applemacosRange11.0–11.6.1
OR
applemacosMatch12.0
OR
appletvosRange<15.1
OR
applewatchosRange<8.1
VendorProductVersionCPE
appleipad_os*cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*
appleipados*cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
applemacos*cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
applemacos12.0cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*
appletvos*cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
applewatchos*cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Related

attackerkb 1
cisa 1
cve 1
prion 1
cisa_kev 1
threatpost 3
cvelist 1
apple 6
malwarebytes 4
trellix 2
thn 3
krebs 1
qualysblog 1
nessus 2
openvas 2
googleprojectzero 1
attackerkb
attackerkb
CVE-2021-30883
2021-08-24 00:00:00
cisa
cisa
Apple Releases Security Update to Address CVE-2021-30883
2021-10-12 00:00:00
cve
cve
CVE-2021-30883
2021-08-24 19:15:16
prion
prion
Memory corruption
2021-08-24 19:15:00
cisa_kev
cisa_kev
Apple Multiple Products Memory Corruption Vulnerability
2022-05-23 00:00:00
threatpost
threatpost
Apple Patches Critical iOS Bugs; One Under Attack
2021-10-27 16:14:24
Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug
2021-10-12 15:17:38
Google Warns Spyware Being Deployed Against Android, iOS Users
2022-06-24 11:02:00
cvelist
cvelist
CVE-2021-30883
2021-08-24 18:49:47
apple
apple
About the security content of iOS 15.0.2 and iPadOS 15.0.2
2021-10-11 00:00:00
About the security content of iOS 14.8.1 and iPadOS 14.8.1
2021-10-26 00:00:00
About the security content of watchOS 8.1
2021-10-25 00:00:00
malwarebytes
malwarebytes
Update now! Apple patches another actively used zero-day
2022-01-27 21:56:12
Hermit spyware is deployed with the help of a victim’s ISP
2022-06-29 10:03:54
Update now! Apple patches another privilege escalation bug in iOS and iPadOS
2021-10-12 16:07:53
trellix
trellix
The Bug Report – October Edition
2021-11-02 00:00:00
The Bug Report – October Edition
2021-11-02 00:00:00
thn
thn
Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware
2022-06-24 11:40:00
Apple Releases iOS and macOS Updates to Patch Actively Exploited 0-Day Vulnerability
2022-01-27 05:05:00
Apple Releases Urgent iPhone and iPad Updates to Patch New Zero-Day Vulnerability
2021-10-12 02:41:00
krebs
krebs
Patch Tuesday, October 2021 Edition
2021-10-12 19:52:09
qualysblog
qualysblog
Apple fixes zero-day in iOS and iPadOS 15.0.2 emergency release: Detect and Prioritize Vulnerabilities using VMDR for Mobile Devices
2021-10-18 07:41:18
nessus
nessus
macOS 11.x < 11.6.1 (HT212872)
2021-10-29 00:00:00
macOS 12.x < 12.0.1 (HT212869)
2021-10-29 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT212872)
2021-10-28 00:00:00
Apple Mac OS X Security Update (HT212869)
2022-09-22 00:00:00
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

60.7%

JSON
Related for NVD:CVE-2021-30883
attackerkb1cisa1cve1prion1cisa_kev1threatpost3cvelist1apple6malwarebytes4trellix2thn3krebs1qualysblog1nessus2openvas2googleprojectzero1