CVE-2021-30835 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-30835 PUBLISHED CVSS 7.800000190734863 HIGH

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution.

EPSS 0.40% · 60.6th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.40%

60.6th percentile

Affected Products

Vendor	Product	Versions
apple	macos	0
apple	watchos	0
Apple	tvOS	unspecified
Apple	iTunes for Windows	unspecified
apple	tvos	0
Apple	Security Update - Catalina	unspecified
apple	mac_os_x	10.15.7, 10.15.7, 10.15
apple	ipados	0
Apple	iOS and iPadOS	unspecified
apple	itunes	0
apple	iphone_os	0
Apple	watchOS	unspecified

Timeline

Sep 20, 2021 CVE Published
Oct 20, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Dec 15, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 8, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 5, 2022 EPSS Score
May 31, 2022 EPSS Score
Jul 26, 2022 EPSS Score
Nov 15, 2022 EPSS Score
Jan 10, 2023 EPSS Score

References

https://support.apple.com/en-us/HT212818 advisory
https://support.apple.com/en-us/HT212819 advisory
https://support.apple.com/en-us/HT212816 advisory
https://support.apple.com/en-us/HT212814 advisory
https://support.apple.com/en-us/HT212815 advisory
https://support.apple.com/kb/HT212804 url
https://support.apple.com/en-us/HT212805 url
https://support.apple.com/en-us/HT212817 url
20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8 mailing-list
20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 mailing-list
20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15 mailing-list
https://support.apple.com/kb/HT212953 url
https://nvd.nist.gov/vuln/detail/CVE-2021-30835 advisory

Open in Interactive Console →