Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2021-1782

Published: 02/04/2021 Updated: 09/02/2024
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1
VMScore: 616
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Mac Os X

Vulnerability Summary

A race condition was addressed with improved locking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited..

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple mac os x

apple mac os x 10.14.6

apple mac os x 10.15.7

apple ipados

apple iphone os

apple tvos

apple watchos

apple macos

Mailing Lists

Full Disclosure: APPLE-SA-2021-01-26-1 iOS 14.4 and iPadOS 14.4
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> APPLE-SA-2021-01-26-1 iOS 144 and iPadOS 144 <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Apple Prod ...

Github Repositories

https://github.com/ModernPwner/cicuta_virosa

cicuta_virosa iOS\iPadOS 143 kernel LPE for all devices by @ModernPwner Please follow us on twitter :) Current state Exploit works :) Need a lot of cleanup + more stable primitives that not relaying on memory reallocation Use it on your own risk Exploit will take more then 2 minutes because we can't understand how to properly bypass one stupid sanity check in kernel on

https://github.com/janderson61890/jailbreak

TQ-pre-jailbreak A PRE-jailbreak for iOS 140 ~ iOS 143 on all devices Generally speaking, jailbreak starts from an arbitrary kernel r/w vulnerability, so I name it pre-jailbreak Actually, CVE-2021-1782(cicuta_virosa) is the pre-jailbreak thing Implemented an arbitrary r/w primitive based on cicuta_virosa Useful to security researchers, and jailbreak developers Warranty U

https://github.com/pattern-f/TQ-pre-jailbreak

Hello from pattern-f.

TQ-pre-jailbreak A PRE-jailbreak for iOS 140 ~ iOS 143 on all devices Generally speaking, jailbreak starts from an arbitrary kernel r/w vulnerability, so I name it pre-jailbreak Actually, CVE-2021-1782(cicuta_virosa) is the pre-jailbreak thing Implemented an arbitrary r/w primitive based on cicuta_virosa Useful to security researchers, and jailbreak developers Warranty U

https://github.com/Siguza/ios-resources

Useful resources for iOS hacking

iOS Hacking Resources Basics Official references: ARMv8 Instruction Set Overview (short, kinda outdated at this point) ARMv8 Architecture Reference Manual (long) ARM A-Profile Exploration tools (same as above, but in machine readable form) ARM System Architecture Software Standards (ABIs, extensions, etc) Clang Pointer Authentication ABI My own doing: arm64 assembly crash c

https://github.com/H0aHuynh/LiRa

LiRa jailbreak iOS 14.0 - 14.3

LiRa LiRa jailbreak cho iOS 130 - 143 tất cả thiết bị Thực hiện trên mã nguồn TQ-pre-jailbreak Tình trạng Khai thác: cicuta_virosa (iOS 130 - 143) Thăng cấp đặc quyền (tới root): Đã hoạt động Remount: Đã hoạt động SSH: Đã hoạt động Amfid: Đã hoạt động Nvram: Đ&at

https://github.com/H0aHuynh/LiRa14

LiRa LiRa jailbreak cho iOS 130 - 143 tất cả thiết bị Là dự án mở Được thực hiện bởi những con người đến từ Việt Nam Tình trạng Quản lý gói: Cydia và LiStore Khai thác: cicuta_virosa (iOS 130 - 143) Thăng cấp đặc quyền (tới root): Đang làm việc Nonce Setter: Đ&atil

https://github.com/anik2sd/oln

TQ-pre-jailbreak A PRE-jailbreak for iOS 140 ~ iOS 143 on all devices Generally speaking, jailbreak starts from an arbitrary kernel r/w vulnerability, so I name it pre-jailbreak Actually, CVE-2021-1782(cicuta_virosa) is the pre-jailbreak thing Implemented an arbitrary r/w primitive based on cicuta_virosa Useful to security researchers, and jailbreak developers Warranty U

Recent Articles

Apple emits emergency iOS security updates while warning holes may have been exploited in wild by hackers
The Register • Chris Williams, Editor in Chief • 26 Jan 2021

Plus fixes for iPadOS, tvOS, watchOS, XCode, iCloud for Windows – and a day after Google disclosed Nork op

Apple today released software updates to patch vulnerabilities in iPhones and iPads that may have been exploited by miscreants to silently snoop on victims from afar. Folks should check for and install the latest version of their iOS, iPadOS, watchOS, and tvOS software. Here's the quick run down of the programming blunders: CVE-2021-1782: Fixed in iOS 14.4 and iPadOS 14.4, available for iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation). This kernel...

Read more...

References

CWE-667https://support.apple.com/en-us/HT212146https://support.apple.com/en-us/HT212149https://support.apple.com/en-us/HT212147https://support.apple.com/en-us/HT212148https://nvd.nist.govhttp://seclists.org/fulldisclosure/2021/Jan/80https://github.com/pattern-f/TQ-pre-jailbreak
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook