Improper Initialization in Apple iOS and iPadOS - CVE-2021-1780
Published: June 3, 2021
Vulnerability identifier: #VU53786
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-1780
CWE-ID: CWE-665
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Apple Inc.
Affected software:
Apple iOS
iPadOS
Apple iOS
iPadOS
Detailed vulnerability description
The vulnerability allows an attacker to perform DoS attack.
The vulnerability exists due to improper initialization within the Bluetooth subsystem. An attacker with physical proximity to device can send specially crafted packets to the system and perform a denial of service (DoS) attack.
How to mitigate CVE-2021-1780
Install updates from vendor's website.