Main Vulnerability Database SB2021052706

SB2021052706 - Information disclosure in Apple M1 chips

Published: May 27, 2021

Security Bulletin ID SB2021052706

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Information disclosure (CVE-ID: CVE-2021-30747)

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to a flaw in the design of the Apple Silicon "M1" chip which allows any two applications running under an OS to covertly exchange data between them, without using memory, sockets, files, or any other normal operating system features. A local attacker can gain unauthorized access to sensitive information on the system.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://youtu.be/hLQKrEh6w7M
https://m1racles.com/