Published: 08/09/2021 Updated: 07/10/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x
apple mac os x 10.15.6
apple mac os x 10.15.7
apple macos

This script will create a zip file exploiting CVE-2021-1810 by creating a directory hierarchy deep enough for Archive Utility to fail setting quarantine attributes on certain files while also making some path names long enough to prevent Safari automating unzipping from unpacking the archive Finally, the script will create a symbolic link at the t ...

Full Disclosure mailing list archives   By Date By Thread </form>    APPLE-SA-2021-04-26-2 macOS Big Sur 113   From: Apple Product Se ...

NVD-CWE-noinfo https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326 http://packetstormsecurity.com/files/164375/Gatekeeper-Bypass-Proof-Of-Concept.html https://nvd.nist.gov https://packetstormsecurity.com/files/164375/Gatekeeper-Bypass-Proof-Of-Concept.html

CVE-2021-1810

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect