Vulnerability Description
A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, Security Update 2021-006 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Ipados | < 14.4 |
| Apple | Iphone Os | >= 12.0, < 12.5.5 |
| Apple | Mac Os X | >= 10.14, <= 10.14.6 |
| Apple | Macos | >= 11.0, < 11.2 |
Related Weaknesses (CWE)
References
- https://support.apple.com/en-us/HT212146Vendor Advisory
- https://support.apple.com/en-us/HT212147Vendor Advisory
- https://support.apple.com/en-us/HT212824Vendor Advisory
- https://support.apple.com/en-us/HT212825Vendor Advisory
- https://support.apple.com/en-us/HT212146Vendor Advisory
- https://support.apple.com/en-us/HT212147Vendor Advisory
- https://support.apple.com/en-us/HT212824Vendor Advisory
- https://support.apple.com/en-us/HT212825Vendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-US Government Resource
FAQ
What is CVE-2021-30869?
CVE-2021-30869 is a vulnerability with a CVSS score of 7.8 (HIGH). A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2...
How severe is CVE-2021-30869?
CVE-2021-30869 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-30869?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Ipados, Apple Iphone Os, Apple Mac Os X, Apple Macos.