Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2021-1870

Vulnerability Summary

Apple macOS could allow a remote malicious user to execute arbitrary code on the system, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vendor Advisories

Apple: iOS 14.4 and iPadOS 14.4
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID when possible ...

Mailing Lists

Full Disclosure: APPLE-SA-2021-01-26-1 iOS 14.4 and iPadOS 14.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-01-26-1 iOS 144 and iPadOS 144 iOS 144 and iPadOS 144 addresses the following issues Information about the security content is also available at supportapplecom/HT212146 Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod to ...
Full Disclosure: APPLE-SA-2021-02-01-2 Additional information for APPLE-SA-2021-01-26-1 iOS 14.4 and iPadOS 14.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-02-01-2 Additional information for APPLE-SA-2021-01-26-1 iOS 144 and iPadOS 144 iOS 144 and iPadOS 144 addresses the following issues Information about the security content is also available at supportapplecom/HT212146 Analytics Available for: iPhone 6s and later, iPad ...
Full Disclosure: APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-02-01-1 macOS Big Sur 112, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave macOS Big Sur 112, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave addresses the following issues Information about the security content is also available at supp ...

Recent Articles

Apple patches three iOS zero‑days under attack
welivesecurity • 27 Jan 2021

Apple has rolled out an update for its iOS and iPadOS operating systems to patch three zero-day security flaws that are being actively exploited in the wild. The trio of flaws affects various versions of iPhones and iPads and the latest generation of iPod touch.
“Apple is aware of a report that this issue may have been actively exploited,” reads Apple’s security advisory describing each security hole that is being plugged with the release of iOS and iPadOS 14.4.
The list of imp...

Read more...
The Register

Apple today released software updates to patch vulnerabilities in iPhones and iPads that may have been exploited by miscreants to silently snoop on victims from afar.
Folks should check for and install the latest version of their iOS, iPadOS, watchOS, and tvOS software. Here's the quick run down of the programming blunders:
CVE-2021-1782: Fixed in iOS 14.4 and iPadOS 14.4, available for iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)....

Read more...

References

https://support.apple.com/kb/HT212146https://exchange.xforce.ibmcloud.com/vulnerabilities/195884https://www.welivesecurity.com/2021/01/27/apple-patches-three-ios-zero-days-under-attack/https://exchange.xforce.ibmcloud.com/vulnerabilities/195638
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
arbitrary codeCVE-2020-36079microfocusCVE-2021-26561CVE-2021-21972NULL pointer dereferenceCVE-2021-25281deserializationsolutions business managerCVE-2020-28243CVE-2020-27618