Multiple vulnerabilities in Apple iOS and iPadOS



Published: 2021-04-28 | Updated: 2021-04-28
Risk: Critical
Patch available: YES
Number of vulnerabilities: 50
CVE-ID: CVE-2021-1835
CVE-2021-1740
CVE-2021-1860
CVE-2021-1832
CVE-2021-30660
CVE-2021-30652
CVE-2021-1875
CVE-2021-1815
CVE-2021-1739
CVE-2021-1868
CVE-2021-1825
CVE-2021-1817
CVE-2021-1826
CVE-2021-1820
CVE-2021-30661
CVE-2020-7463
CVE-2021-1851
CVE-2021-1837
CVE-2021-1881
CVE-2021-1867
CVE-2021-1849
CVE-2021-1836
CVE-2021-1808
CVE-2021-1857
CVE-2021-1846
CVE-2021-1809
CVE-2021-30659
CVE-2021-1811
CVE-2021-1872
CVE-2021-1882
CVE-2021-1813
CVE-2021-30656
CVE-2021-1883
CVE-2021-1884
CVE-2021-1885
CVE-2021-30653
CVE-2021-1843
CVE-2021-1858
CVE-2021-1864
CVE-2021-1822
CVE-2021-1816
CVE-2021-1807
CVE-2021-1830
CVE-2021-1852
CVE-2021-1877
CVE-2021-1874
CVE-2021-1848
CVE-2021-1854
CVE-2021-1831
CVE-2021-1865
CWE-ID: CWE-264
CWE-20
CWE-125
CWE-277
CWE-362
CWE-415
CWE-79
CWE-119
CWE-665
CWE-416
CWE-295
CWE-787
CWE-347
CWE-200
CWE-399
CWE-122
Exploitation vector: Network
Public exploit: Vulnerability #15 is being exploited in the wild.
Vulnerable software
iPadOS
Operating systems & Components / Operating system

Apple iOS
Operating systems & Components / Operating system

Vendor: Apple Inc.

Security Bulletin

This security bulletin contains information about 50 vulnerabilities.

Updated: 28.04.2021

Added vulnerabilities #43-50.

1) Security restrictions bypass

EUVDB-ID: #VU52677

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1835

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists within the Accessibility feature. An attacker with physical access to the device can access notes from the lock screen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU52627

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1740

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of directory paths. A local user can modify protected parts of the filesystem.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU52617

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1860

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the macOS kernel. A local user can run a specially crafted program to trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Insecure Inherited Permissions

EUVDB-ID: #VU52666

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1832

CWE-ID: CWE-277 - Insecure inherited permissions

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists within the kernel component, as copied files may not have the expected file permissions. A local user can abuse such behavior to elevate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU52667

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-30660

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the kernel. A local user can run a specially crafted program to trigger an out-of-bounds read error and read contents of kernel memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Race condition

EUVDB-ID: #VU52621

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-30652

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the libxpc library. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Double Free

EUVDB-ID: #VU52622

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1875

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a double free error when processing files within the libxslt library. A remote attacker can trick the victim into opening a specially crafted file, trigger heap corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Input validation error

EUVDB-ID: #VU52669

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1815

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of directory paths. A local user can modify protected parts of the filesystem.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Input validation error

EUVDB-ID: #VU52626

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1739

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of directory paths. A local user can modify protected parts of the filesystem.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Security restrictions bypass

EUVDB-ID: #VU52630

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1868

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because the Tailspin component does not properly impose security restrictions. A local user can escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Universal cross-site scripting

EUVDB-ID: #VU52643

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1825

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Buffer overflow

EUVDB-ID: #VU52674

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1817

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing web content in WebKit. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Universal cross-site scripting

EUVDB-ID: #VU52672

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1826

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data within WebKit. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Improper Initialization

EUVDB-ID: #VU52673

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1820

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to improper memory initialization in WebKit. A remote attacker can create a specially crafted web page, trick the victim into visiting it and disclose contents of process memory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU52652

Risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2021-30661

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists due to a use-after-free error when processing web content within the WebKit Storage component. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

16) Use-after-free

EUVDB-ID: #VU46227

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-7463

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error when processing SCTP messages. A local user can send large user messages from multiple threads on the same socket, trigger a use-after-free error and crash the system.


Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Buffer overflow

EUVDB-ID: #VU52619

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1851

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the macOS kernel. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Improper Certificate Validation

EUVDB-ID: #VU52678

Risk: Medium

CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1837

CWE-ID: CWE-295 - Improper Certificate Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a MitM attack.

The vulnerability exists due to improper certificate validation in App Store. A remote attacker in a privileged network position can intercept network traffic and perform a MitM attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds write

EUVDB-ID: #VU52609

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1881

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists due to a boundary error when processing font files within the GetFDIndex function in libFontParser. A remote attacker can create a specially crafted OTF font, trick the victim into opening a document or a web page with the malicious font, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Out-of-bounds read

EUVDB-ID: #VU52648

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1867

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input within the Apple Neural Engine component. A local application can trigger an out-of-bounds read and execute arbitrary code on the target system with kernel privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU52647

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1849

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a malicious application to bypass implemented security restrictions.

The vulnerability exists due to improper signature validation within the AppleMobileFileIntegrity component. A malicious application can bypass Privacy preferences.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Security restriction bypass

EUVDB-ID: #VU52679

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1836

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to bypass intended security restrictions.

The vulnerability exists within the Assets component. A local user is able to create or modify privileged files.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Out-of-bounds read

EUVDB-ID: #VU52599

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1808

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the Audio component. A local user can run a specially crafted program to trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Improper Initialization

EUVDB-ID: #VU52600

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1857

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to improper initialization within the CFNetwork component when processing crafted web content. A remote attacker can trick the victim into opening a specially crafted webpage, trigger memory corruption and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Out-of-bounds read

EUVDB-ID: #VU52654

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1846

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the CoreAudio component. A remote attacker can create a specially crafted audio file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Out-of-bounds read

EUVDB-ID: #VU52603

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1809

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the CoreAudio component. A local user can run a specially crafted program to trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Information disclosure

EUVDB-ID: #VU52655

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-30659

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a validation issue within the CoreFoundation component. A malicious application can gain unauthorized access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Out-of-bounds read

EUVDB-ID: #VU52605

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1811

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the CoreText component when processing specially crafted font files. A remote attacker can create a specially crafted font file, trick the victim into opening a document or a web page that contains the malicious font, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Resource management error

EUVDB-ID: #VU52656

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1872

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to improper management of internal resources within FaceTime when muting a CallKit call, which results in muting not being enabled while ringing. A remote attacker can eavesdrop on the conversation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Buffer overflow

EUVDB-ID: #VU52614

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1882

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Foundation component. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code on the system with root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Security restrictions bypass

EUVDB-ID: #VU52612

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1813

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because the Foundation component does not properly impose security restrictions. A local user can run a specially crafted program to escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Information disclosure

EUVDB-ID: #VU52681

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-30656

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists in the GPU driver. A local application can determine the kernel memory layout.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Heap-based buffer overflow

EUVDB-ID: #VU52657

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1883

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Heimdal when processing server messages. A remote attacker can trick the user into connecting to a malicious server, send a specially crafted message, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Race condition

EUVDB-ID: #VU52658

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1884

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition in Heimdal. A remote attacker can crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds read

EUVDB-ID: #VU52662

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1885

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary condition within the ImageIO component. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Input validation error

EUVDB-ID: #VU52660

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-30653

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input within the ImageIO component. A remote attacker can trick the victim into opening a specially crafted image and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Input validation error

EUVDB-ID: #VU52615

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1843

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input within the ImageIO component. A remote attacker can create a specially crafted image, trick the victim into opening it and execute arbitrary code on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Out-of-bounds read

EUVDB-ID: #VU52663

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1858

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the DecodeRow function in ImageIO. A remote attacker can create a specially crafted KTX image, trick the victim into opening it, trigger an out-of-bounds read error and read the contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Use-after-free

EUVDB-ID: #VU52682

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1864

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists due to a use-after-free error when processing JavaScript in iTunes Store. A remote attacker can use specially crafted JavaScript to trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

iPadOS: 14.0 18A373 - 14.4.2 18D70

Apple iOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Insecure Inherited Permissions

EUVDB-ID: #VU52684

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1822

CWE-ID: CWE-277 - Insecure inherited permissions

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists within the MobileInstallation component. A local user can modify protected parts of the file system and escalate privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Buffer overflow

EUVDB-ID: #VU52683

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1816

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Input validation error

EUVDB-ID: #VU52685

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1807

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to write arbitrary files.

The vulnerability exists due to insufficient validation of user-supplied input. A local user can write arbitrary files to the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Out-of-bounds read

EUVDB-ID: #VU52697

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1830

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the kernel subsystem. A local user can run a specially crafted program to trigger an out-of-bounds read error and read the contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Out-of-bounds read

EUVDB-ID: #VU52696

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1852

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the kernel subsystem. A local user can run a specially crafted program to trigger an out-of-bounds read error and read the contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Out-of-bounds read

EUVDB-ID: #VU52695

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1877

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the kernel subsystem. A local user can run a specially crafted program to trigger an out-of-bounds read error and read the contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Security restrictions bypass

EUVDB-ID: #VU52698

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1874

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because the system does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Information disclosure

EUVDB-ID: #VU52703

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1848

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists within the Wallet component. A local user can view sensitive information in the app switcher.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Resource management error

EUVDB-ID: #VU52702

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1854

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to the way incoming calls are handled. A legacy cellular network can automatically answer an incoming call when an ongoing call ends or drops.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Improper Preservation of Permissions

EUVDB-ID: #VU52701

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1831

CWE-ID: N/A

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the way shortcuts are handled by the system. A local user can create shortcuts to restricted files and access them.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Information disclosure

EUVDB-ID: #VU52700

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1865

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists in the Password Manager component, which allows the user's passwords to be viewed on screen. An attacker with physical proximity to the device can eavesdrop on the victim's passwords.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apple iOS: 14.0 18A373 - 14.4.2 18D70

iPadOS: 14.0 18A373 - 14.4.2 18D70

External links

http://support.apple.com/en-us/HT212317


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


