CVE-2021-30843 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-30843 PUBLISHED CVSS 7.800000190734863 HIGH

This issue was addressed with improved checks. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

EPSS 0.27% · 50.3th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.27%

50.3th percentile

Affected Products

Vendor	Product	Versions
apple	ipados	0
apple	watchos	0
Apple	macOS	unspecified, unspecified, unspecified
apple	iphone_os	0
apple	macos	11.0
apple	mac_os_x	10.15.7, 10.15.7, 10.15.7
apple	tvos	0

Timeline

Sep 21, 2021 CVE Published
Oct 20, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Dec 15, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 8, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 5, 2022 EPSS Score
May 31, 2022 EPSS Score
Jul 26, 2022 EPSS Score
Nov 15, 2022 EPSS Score
Jan 10, 2023 EPSS Score

References

https://support.apple.com/en-us/HT212818 advisory
https://support.apple.com/en-us/HT212819 advisory
https://support.apple.com/en-us/HT212816 advisory
https://support.apple.com/en-us/HT212814 advisory
https://support.apple.com/en-us/HT212815 advisory
https://support.apple.com/en-us/HT212804 url
https://support.apple.com/en-us/HT212805 url
https://support.apple.com/en-us/HT212807 url
20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8 mailing-list
20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 mailing-list
20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15 mailing-list
https://nvd.nist.gov/vuln/detail/CVE-2021-30843 advisory

Open in Interactive Console →