VDB
CVE-2021-30713
CVE-2021-30713
PUBLISHED
KEV
CVSS 4.599999904632568 MEDIUM
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited..
EPSS 0.09% · 25.0th percentile
Risk Scores
CVSS 2.0
4.599999904632568
EPSS Score
0.09%
25.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | macOS | * |
| apple | macos | 0, 0, 0 |
| apple | mac_os_x | 10.15.7, 10.15.7, 10.15.7 |
Exploit Intelligence
- CIRCL seen: CVE-2021-30713 (circl-sighting)
- CIRCL seen: CVE-2021-30713 (circl-sighting)
- CIRCL seen: CVE-2021-30713 (circl-sighting)
- CIRCL seen: CVE-2021-30713 (circl-sighting)
- CIRCL seen: CVE-2021-30713 (circl-sighting)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30713 (circl)
- https://support.apple.com/en-us/HT212529 (circl)
- https://support.apple.com/kb/HT212805 (circl)
- 20210921 APPLE-SA-2021-09-20-8 Additional information for APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina (circl)
- https://support.apple.com/kb/HT212529 (vulncheck)
…and 17 more exploits
Timeline
- May 24, 2021 VulnCheck KEV Exploitation
- May 25, 2021 PoC Published
- Sep 8, 2021 CVE Published
- Sep 9, 2021 EPSS Score
- Nov 3, 2021 CISA KEV Added
- Nov 6, 2021 EPSS Score
- Nov 8, 2021 PoC Published
- Nov 20, 2021 PoC Published
- Jan 2, 2022 EPSS Score
- Mar 1, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 28, 2022 EPSS Score
References
- https://support.apple.com/en-us/HT212534 advisory
- https://support.apple.com/en-us/HT212528 advisory
- https://support.apple.com/en-us/HT212531 advisory
- https://support.apple.com/en-us/HT212533 advisory
- https://support.apple.com/en-us/HT212530 advisory
- https://support.apple.com/en-us/HT212529 advisory
- https://support.apple.com/en-us/HT212532 advisory
- https://support.apple.com/kb/HT212805 url
- 20210921 APPLE-SA-2021-09-20-8 Additional information for APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina mailing-list
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30713 url
- https://nvd.nist.gov/vuln/detail/CVE-2021-30713 advisory