Memory Corruption Issues in Apple's iOS, watchOS, Safari, and more
CVE-2021-30849

7.8HIGH

Key Information:

Vendor
Apple
Status
Ios And iPad OS
TV OS
Safari
Itunes For Windows
Vendor
CVE Published:
19 October 2021

Summary

Apple's recent updates addressed multiple memory corruption vulnerabilities that could be exploited through maliciously crafted web content. These flaws could lead to arbitrary code execution, potentially compromising the security of affected devices. Users are urged to update to the latest versions of iOS, iPadOS, watchOS, Safari, tvOS, and iTunes to mitigate these risks.

Affected Version(s)

iOS and iPadOS < 14.8

iOS and iPadOS < 15

iTunes for Windows < 12.12

References

https://support.apple.com/en-us/HT212807
x_refsource_MISC
https://support.apple.com/en-us/HT212814
x_refsource_MISC
https://support.apple.com/en-us/HT212819
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.