CVE-2021-30713 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-30713 PUBLISHED KEV CVSS 4.599999904632568 MEDIUM

A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited..

EPSS 0.10% · 28.3th percentile

Risk Scores

CVSS v2.0

4.599999904632568

EPSS Score

0.10%

28.3th percentile

Affected Products

Vendor	Product	Versions
Apple	macOS	unspecified
apple	macos	0, 0, 0
apple	mac_os_x	10.15.7, 10.15.7, 10.15.7

Timeline

May 24, 2021 VulnCheck KEV Exploitation
May 25, 2021 PoC Published
Sep 8, 2021 CVE Published
Sep 9, 2021 EPSS Score
Nov 3, 2021 CISA KEV Added
Nov 5, 2021 EPSS Score
Nov 8, 2021 PoC Published
Nov 20, 2021 PoC Published
Jan 1, 2022 EPSS Score
Feb 27, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 25, 2022 EPSS Score

References

https://support.apple.com/en-us/HT212534 advisory
https://support.apple.com/en-us/HT212528 advisory
https://support.apple.com/en-us/HT212531 advisory
https://support.apple.com/en-us/HT212533 advisory
https://support.apple.com/en-us/HT212530 advisory
https://support.apple.com/en-us/HT212529 advisory
https://support.apple.com/en-us/HT212532 advisory
https://support.apple.com/kb/HT212805 url
20210921 APPLE-SA-2021-09-20-8 Additional information for APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina mailing-list
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30713 url
https://nvd.nist.gov/vuln/detail/CVE-2021-30713 advisory

Open in Interactive Console →