CVE-2021-30972 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-30972 PUBLISHED CVSS 9.800000190734863 CRITICAL

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

EPSS 0.05% · 17.1th percentile

Risk Scores

CVSS v3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.05%

17.1th percentile

Affected Products

Vendor	Product	Versions
Apple	iOS and iPadOS	unspecified
Apple	macOS	unspecified, unspecified

Timeline

Aug 24, 2021 CVE Published
Jan 27, 2022 PoC Published
Mar 24, 2022 EPSS Score
Mar 25, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 13, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Oct 12, 2022 EPSS Score
Dec 2, 2022 EPSS Score
Jan 21, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 12, 2023 EPSS Score

References

https://support.apple.com/en-us/HT213059 advisory
https://support.apple.com/en-us/HT213056 advisory
https://support.apple.com/en-us/HT213057 advisory
https://support.apple.com/en-us/HT213058 advisory
https://support.apple.com/en-us/HT213054 advisory
https://support.apple.com/en-us/HT213053 advisory
https://support.apple.com/en-us/HT213055 advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22587 url

Open in Interactive Console →