Logic Issue in macOS Affects Multiple Versions
CVE-2021-30793

9.8CRITICAL

Key Information:

Vendor: Apple
Status: Security Update - Catalina; Mac OS
Vendor: CVE Published:; 8 September 2021

What is CVE-2021-30793?

This vulnerability involves a logic flaw that, if exploited, could allow an application to execute arbitrary code with kernel privileges. The issue has been addressed with improved state management in macOS, and users are urged to update to the latest security releases, which mitigate the risk associated with this flaw.

Affected Version(s)

macOS < 11.5

macOS < 2021

Security Update - Catalina < 2021

References

https://support.apple.com/en-us/HT212602

x_refsource_MISC

https://support.apple.com/en-us/HT212600

x_refsource_MISC

https://support.apple.com/en-us/HT212603

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 8, 2021
Vulnerability Reserved
Apr 13, 2021

Apple

What is CVE-2021-30793?

Affected Version(s)

References

CVSS V3.1

Timeline