
CVE-2021-30869

Published: 24/08/2021 Updated: 07/11/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 829
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Apple iOS 12.5.5 and macOS Catalina updates: A type confusion issue was addressed with improved state handling. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.

Vulnerable Product

apple mac os x 10.14.6

apple mac os x 10.15.7

apple ipados

apple macos

apple mac os x

apple iphone os

Recent Articles

Apple warns of arbitrary code execution zero-day being actively exploited on Macs
The Register • Simon Sharwood, APAC Editor • 24 Sep 2021

Remember iPods? The same bug can bite them, and plenty of older iPhones and iPads too

Apple has warned iPhone and Mac users it's aware of security bugs in its software that are being actively exploited. First off, the iGiant thanked Google for spotting CVE-2021-30869 in macOS Catalina. It's a nasty flaw, as it's in the XNU kernel at the heart of Apple's operating systems including macOS and iOS. As Apple's advisory explains, "a malicious application may be able to execute arbitrary code with kernel privileges" by exploiting this security hole. Thus, malware running on a system ca...