CVE-2021-30896 — Vulnetix

CVE-2021-30896 PUBLISHED CVSS 5.5 MEDIUM

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to read user's gameplay data.

EPSS 0.37% · 59.1th percentile

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS Score

0.37%

59.1th percentile

Affected Products

Vendor	Product	Versions
apple	ipad_os	0, 0
apple	tvos	0, 0
Apple	macOS	unspecified, unspecified, unspecified
apple	watchos	0, 0
Apple	iOS and iPadOS	unspecified
apple	iphone_os	0, 0
apple	macos	12.0, 12.0

Exploit Intelligence

https://support.apple.com/en-us/HT212869 (circl)
https://support.apple.com/en-us/HT212846 (circl)
https://support.apple.com/en-us/HT212874 (circl)
https://support.apple.com/en-us/HT212876 (circl)
https://support.apple.com/en-us/103159 (vulncheck)
macos_v2_generated.go (github-poc)
macos_v2_generated.go (github-poc)
macos_v2_generated.go (github-poc)
macos_v2_generated.go (github-poc)
macos_v2_generated.go (github-poc)

…and 8 more exploits

Timeline

Aug 24, 2021 CVE Published
Oct 11, 2021 VulnCheck KEV Exploitation
Oct 29, 2021 EPSS Score
Nov 3, 2021 EPSS Score
Dec 24, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 18, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 15, 2022 EPSS Score
Jun 10, 2022 EPSS Score
Aug 6, 2022 EPSS Score
Nov 26, 2022 EPSS Score

References

https://support.apple.com/en-us/HT212869 url
https://support.apple.com/en-us/HT212846 url
https://support.apple.com/en-us/HT212874 url
https://support.apple.com/en-us/HT212876 url
https://support.apple.com/fr-fr/HT212874 advisory
https://support.apple.com/fr-fr/HT212868 advisory
https://support.apple.com/fr-fr/HT212871 advisory
https://support.apple.com/fr-fr/HT212876 advisory
https://support.apple.com/fr-fr/HT212872 advisory
https://support.apple.com/fr-fr/HT212867 advisory
https://support.apple.com/fr-fr/HT212869 advisory

Open in Interactive Console →