Multiple vulnerabilities in Apple macOS



Published: 2021-02-02 | Updated: 2021-06-25
Risk High
Patch available YES
Number of vulnerabilities 66
CVE ID CVE-2021-1761
CVE-2020-29614
CVE-2021-1793
CVE-2021-1737
CVE-2021-1738
CVE-2021-1744
CVE-2021-1779
CVE-2021-1757
CVE-2021-1764
CVE-2021-1750
CVE-2020-29633
CVE-2021-1771
CVE-2021-1762
CVE-2021-1763
CVE-2021-1774
CVE-2021-1767
CVE-2021-1745
CVE-2021-1753
CVE-2021-1768
CVE-2021-1751
CVE-2020-27938
CVE-2021-1769
CVE-2021-1788
CVE-2021-1765
CVE-2021-1801
CVE-2021-1789
CVE-2021-1799
CVE-2021-1777
CVE-2021-1754
CVE-2021-1797
CVE-2021-1790
CVE-2020-27945
CVE-2021-1760
CVE-2021-1747
CVE-2021-1776
CVE-2021-1759
CVE-2021-1772
CVE-2021-1792
CVE-2021-1787
CVE-2021-1786
CVE-2020-27937
CVE-2021-1802
CVE-2021-1791
CVE-2021-1775
CVE-2021-1746
CVE-2020-29608
CVE-2021-1758
CVE-2021-1783
CVE-2021-1741
CVE-2021-1743
CVE-2021-1773
CVE-2021-1778
CVE-2021-1736
CVE-2021-1785
CVE-2021-1766
CVE-2021-1818
CVE-2021-1742
CVE-2020-27904
CVE-2021-1782
CVE-2020-25709
CVE-2019-20838
CVE-2020-14155
CVE-2020-15358
CVE-2021-1871
CVE-2021-1870
CVE-2021-1781
CWE ID CWE-20
CWE-122
CWE-787
CWE-264
CWE-125
CWE-416
CWE-287
CWE-119
CWE-843
CWE-200
CWE-190
CWE-121
CWE-362
CWE-617
CWE-840
Exploitation vector Network
Public exploit Public exploit code for vulnerability #58 is available.
Vulnerability #59 is being exploited in the wild.
Vulnerability #64 is being exploited in the wild.
Vulnerability #65 is being exploited in the wild.
Vulnerable software
Subscribe 		macOS
Operating systems & Components / Operating system

Vendor Apple Inc.

Security Advisory

Updated: 04.02.2021

Added vulnerabilities #58-65.

Updated: 27.04.2021

Updated list of affected macOS versions for vulnerability #VU50179.

Updated: 20.05.2021

Added vulnerability #66.

1) Input validation error

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1761

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the Analytics component in macOS. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.14 18A391, 10.14.1 18B75, 10.14.1 18B2107, 10.14.1 18B3094, 10.14.2 18C54, 10.14.3 18D42, 10.14.3 18D43, 10.14.3 18D109, 10.14.4 18E226, 10.14.4 18E227, 10.14.5 18F132, 10.14.6 18G84, 10.14.6 18G87, 10.14.6 18G95, 10.14.6 18G103, 10.14.6 18G1012, 10.14.6 18G2022, 10.14.6 18G3020, 10.14.6 18G4032, 10.14.6 18G5033, 10.14.6 18G6020, 10.14.6 18G6032, 10.14.6 18G6042, 10.14.6 18G7016, 10.15 19A583, 10.15 19A602, 10.15 19A603, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H4, 10.15.7 19H15, 10.15.7 19H114, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Heap-based buffer overflow

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-29614

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the Model I/O component in macOS. A remote attacker can pass specially crafted file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15 19A603, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H4, 10.15.7 19H15, 10.15.7 19H114

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1793

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15 19A603, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H4, 10.15.7 19H15, 10.15.7 19H114, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds write

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1737

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15 19A603, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H4, 10.15.7 19H15, 10.15.7 19H114, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds write

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1738

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15 19A603, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H4, 10.15.7 19H15, 10.15.7 19H114, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds write

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1744

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Permissions, Privileges, and Access Controls

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1779

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a logic error in kext loading in IOKit. A local application can execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds read

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1757

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary condition within the IOSkywalkFamily component in macOS. A local user can run a specially crafted program to trigger out-of-bounds read error and escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1764

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the kernel subsystem. A remote attacker can trick the victim to open a specially crafted file and crash the system.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Permissions, Privileges, and Access Controls

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1750

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to logic error within the kernel subsystem. A local application can execute arbitrary code with kernel privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper Authentication

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-29633

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests in Login Window component in macOS. A remote attacker on the local network can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Permissions, Privileges, and Access Controls

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1771

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to incorrect access restrictions within the Messages component in macOS. A remote user that is removed from an iMessage group could rejoin the group.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds write

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1762

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input within the Model I/O component in macOS. An attacker can use a specially crafted USD file to crash the system or execute arbitrary code.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Buffer overflow

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1763

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

when processing untrusted input within the Model I/O component in macOS. An attacker can use a specially crafted USD file to crash the system or execute arbitrary code.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Input validation error

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1774

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Heap-based buffer overflow

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1767

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the Model I/O component in macOS. A remote attacker can pass specially crafted file, trick the victim into opening it,, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Out-of-bounds read

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1745

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a local user to crash the system.

The vulnerability exists due to a boundary condition when processing USB files in the Model I/O component in macOS. A local user can insert a specially crafted USB drive, trigger out-of-bounds read error and crash the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds read

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1753

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a local user to crash the system.

The vulnerability exists due to a boundary condition when processing USB files in the Model I/O component in macOS. A local user can insert a specially crafted USB drive, trigger out-of-bounds read error and crash the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds read

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1768

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a local user to crash the system.

The vulnerability exists due to a boundary condition when processing USB files in the Model I/O component in macOS. A local user can insert a specially crafted USB drive, trigger out-of-bounds read error and crash the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Permissions, Privileges, and Access Controls

Risk: Medium

CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1751

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions within the NetFSFramework component in macOS. A remote attacker can trick the victim to mount a maliciously Samba network share and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Permissions, Privileges, and Access Controls

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-27938

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions within the Power Management component in macOS. A local application can elevate privileges on the system.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Improper Authentication

Risk: Low

CVSSv3.1: 3 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1769

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local user to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests within the Swift component in macOS. A local user with arbitrary read and write capability may be able to bypass Pointer Authentication.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1788

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Security restrictions bypass

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1765

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to application does not properly impose sanboxing policy in WebKit. A remote attacker can create a specially crafted web page, trick the victim into visiting it and bypass implemented security restrictions.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.0.1 20B50, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Security restrictions bypass

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1801

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to application does not properly impose sanboxing policy in WebKit. A remote attacker can create a specially crafted web page, trick the victim into visiting it and bypass implemented security restrictions.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.0.1 20B50, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Type Confusion

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1789

CWE-ID: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a type confusion error in WebKit. A remote attacker can trick the victim to open a specially crafted website, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.0.1 20B50, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Information disclosure

Risk: Medium

CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1799

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a port redirection issue in WebRTC. A remote attacker can gain unauthorized access to sensitive information, such as open ports in the local network.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.0.1 20B50, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Input validation error

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1777

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Input validation error

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1754

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Permissions, Privileges, and Access Controls

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1797

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to read arbitrary files on the system.

The vulnerability exists due to application does not properly impose security restrictions within the APFS component in macOS. A local user can read arbitrary files on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15 19A603, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H4, 10.15.7 19H15, 10.15.7 19H114, 10.15.7 19H512, 10.15.7 19H524, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147
https://support.apple.com/en-us/HT212326

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Out-of-bounds read

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1790

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing font files within the FontParser component in macOS. A remote attacker can create a specially crafted document or a web page, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Integer overflow

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-27945

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the CFNetwork Cache component in macOS. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Buffer overflow

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1760

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the CoreAnimation component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Out-of-bounds write

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1747

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input within the CoreAudio component in macOS. A remote attacker can trick the victim into visit a specially crafted website, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds write

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1776

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing fonts within the CoreGraphics component in macOS. A remote attacker can create a specially crafted website or document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds read

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1759

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the CoreMedia component in macOS. A remote attacker can create a specially crafted image, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Stack-based buffer overflow

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1772

CWE-ID: CWE-121 - Stack-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the CoreText component in macOS within the parsing of TTF fonts. A remote attacker can create a specially crafted text file, trick the victim into opening it, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147
https://www.zerodayinitiative.com/advisories/ZDI-21-758/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Out-of-bounds read

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1792

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the CoreText component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Input validation error

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1787

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the Crash Reporter component in macOS. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Permissions, Privileges, and Access Controls

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1786

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions within the Crash Reporter component in macOS. A local user can create or modify system files and escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Permissions, Privileges, and Access Controls

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-27937

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to the Directory Utility does not properly impose security restrictions. A local application can access potentially sensitive information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Permissions, Privileges, and Access Controls

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1802

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a logical issue within the Endpoint Security component in macOS. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Out-of-bounds read

Risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1791

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the FairPlay component in macOS. A local application can trigger out-of-bounds read error and read contents of kernel memory.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Input validation error

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1775

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing font files within the FontParser component in macOS. A remote attacker can trick the victim to open a specially crafted document or a web page and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Input validation error

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1746

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Out-of-bounds read

Risk: Medium

CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-29608

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing font files within the FontParser component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Out-of-bounds read

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1758

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing font files within the FontParser component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Buffer overflow

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1783

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Out-of-bounds read

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1741

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1743

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Input validation error

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1773

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can pass specially crafted file to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Out-of-bounds read

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1778

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when processing image files within the curl implementation in the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Out-of-bounds read

Risk: Medium

CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1736

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Out-of-bounds read

Risk: Medium

CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1785

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Input validation error

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1766

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Buffer overflow

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1818

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Input validation error

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1742

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Buffer overflow

Risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-27904

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: Yes

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel subsystem. A local application can execute arbitrary code with kernel privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

59) Race condition

Risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1782

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to a race condition in the Kernel component. A remote attacker can use a malicious application and escalate privileges on the system.

Note: The vulnerability is being actively exploited in the wild.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

60) Reachable Assertion

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-25709

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in certificateListValidate() function in schema_init.c. A remote attacker can send specially crafted packet to the slapd daemon, trigger an assertion failure and crash the service.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 10.3 7B85, 10.12.4 16E195, 10.12.5 16F73, 10.12.6 16G29, 10.12.6 16G1114, 10.13 17A365, 10.13.1 17B48, 10.13.2 17C88, 10.13.3 17D47, 10.13.4 17E199, 10.13.5 17F77, 10.13.6 17G66, 10.14 18A391, 10.14.1 18B75, 10.14.2 18C54, 10.14.3 18D42, 10.14.4 18E226, 10.14.5 18F132, 10.14.6 18G84, 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15, 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Out-of-bounds read

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2019-20838

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and X or R has more than one fixed quantifier, a related issue to CVE-2019-20454.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Integer overflow

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-14155

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow. A remote attacker can pass a large number after a (?C substring, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Out-of-bounds write

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-15358

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

macOS: 10.15 19A583, 10.15 19A602, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19D76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15.5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H15

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Business Logic Errors

Risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1871

CWE-ID: CWE-840 - Business Logic Errors (3.0)

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to a logic issue in the WebKit component. A remote attacker can trick a victim to visit a malicious website and execute arbitrary code on the system.

Note: The vulnerability is being actively exploited in the wild.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

65) Business Logic Errors

Risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-1870

CWE-ID: CWE-840 - Business Logic Errors (3.0)

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to a logic issue in the WebKit component. A remote attacker can trick a victim to visit a malicious website and execute arbitrary code on the system.

Note: The vulnerability is being actively exploited in the wild.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

66) Information disclosure

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1781

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a privacy issue in the handling of Contact cards. A local application can gain unauthorized access to sensitive private data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

macOS: 11.0 20A2411, 11.0.1 20B29, 11.0.1 20B50, 11.1 20C69

CPE External links

https://support.apple.com/en-us/HT212147

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###