Main Vulnerability Database Vulnerabilities #VU53493

Security features bypass in macOS - CVE-2021-30668

Published: May 24, 2021

Vulnerability identifier: #VU53493

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-30668

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
macOS

Software vendor:
Apple Inc.

Description

The vulnerability allows a local attacker to bypass the Login Window.

The vulnerability exists in the Software Update component. An attacker with physical access to the system can bypass the Login Windows during software update and gain unauthorized access to the system.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/HT212529

Security features bypass in macOS - CVE-2021-30668

Description

Remediation

External links

Please verify you're human