CVE-2021-30842 — Vulnetix

CVE-2021-30842 PUBLISHED CVSS 7.800000190734863 HIGH

This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

EPSS 0.27% · 50.6th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.27%

50.6th percentile

Affected Products

Vendor	Product	Versions
apple	tvos	0
apple	ipados	0
apple	macos	11.0
apple	watchos	0
apple	mac_os_x	10.15.7, 10.15.7, 10.15.7
Apple	macOS	unspecified, unspecified, unspecified
apple	iphone_os	0

Timeline

Sep 20, 2021 CVE Published
Oct 20, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Dec 15, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 9, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 7, 2022 EPSS Score
Jun 2, 2022 EPSS Score
Jul 29, 2022 EPSS Score
Nov 18, 2022 EPSS Score
Jan 14, 2023 EPSS Score

References

https://support.apple.com/en-us/HT212818 advisory
https://support.apple.com/en-us/HT212819 advisory
https://support.apple.com/en-us/HT212816 advisory
https://support.apple.com/en-us/HT212814 advisory
https://support.apple.com/en-us/HT212815 advisory
https://support.apple.com/en-us/HT212804 url
https://support.apple.com/en-us/HT212805 url
https://support.apple.com/en-us/HT212807 url
20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8 mailing-list
20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 mailing-list
20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15 mailing-list
https://nvd.nist.gov/vuln/detail/CVE-2021-30842 advisory

Open in Interactive Console →