Logic Issue in macOS Affects Multiple Versions
CVE-2021-30793

9.8CRITICAL

Key Information:

Vendor
Apple
Status
Security Update - Catalina
Mac OS
Vendor
CVE Published:
8 September 2021

Summary

This vulnerability involves a logic flaw that, if exploited, could allow an application to execute arbitrary code with kernel privileges. The issue has been addressed with improved state management in macOS, and users are urged to update to the latest security releases, which mitigate the risk associated with this flaw.

Affected Version(s)

macOS < 11.5

macOS < 2021

Security Update - Catalina < 2021

References

https://support.apple.com/en-us/HT212602
x_refsource_MISC
https://support.apple.com/en-us/HT212600
x_refsource_MISC
https://support.apple.com/en-us/HT212603
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.