Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2021-1873

Published: 08/09/2021 Updated: 12/07/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

An API issue in Accessibility TCC permissions was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to unexpectedly leak a user's credentials from secure text fields.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple mac os x 10.14.6

apple mac os x 10.15.6

apple mac os x 10.15.7

apple macos

apple mac os x

Mailing Lists

Full Disclosure: APPLE-SA-2021-04-26-4 Security Update 2021-003 Mojave
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-04-26-4 Security Update 2021-003 Mojave Security Update 2021-003 Mojave addresses the following issues Information about the security content is also available at supportapplecom/HT212327 APFS Available for: macOS Mojave Impact: A local user may be able to read arbitrary f ...
Full Disclosure: APPLE-SA-2021-04-26-2 macOS Big Sur 11.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-04-26-2 macOS Big Sur 113 macOS Big Sur 113 addresses the following issues Information about the security content is also available at supportapplecom/HT212325 APFS Available for: macOS Big Sur Impact: A local attacker may be able to elevate their privileges Description: ...
Full Disclosure: APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina Security Update 2021-002 Catalina addresses the following issues Information about the security content is also available at supportapplecom/HT212326 APFS Available for: macOS Catalina Impact: A local user may be able to read arbit ...

References

NVD-CWE-noinfohttps://support.apple.com/en-us/HT212327https://support.apple.com/en-us/HT212325https://support.apple.com/en-us/HT212326https://nvd.nist.govhttp://seclists.org/fulldisclosure/2021/Apr/54
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewallCVE-2024-35649stored XSSCVE-2022-28654CVE-2020-35153CVE-2024-27348CVE-2022-28652local usersCVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook