Main Vulnerability Database Vulnerabilities #VU58905

Multiple Interpretations of UI Input in Apple iOS and iPadOS - CVE-2021-30948

Published: December 14, 2021

Vulnerability identifier: #VU58905

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2021-30948

CWE-ID: CWE-450

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Apple iOS
iPadOS

Software vendor:
Apple Inc.

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to an inconsistent user interface issue in Password Manager application. An attacker with physical access to device can access stored passwords without authentication.

Remediation

Install updates from vendor's website.

External links

https://support.apple.com/en-us/HT212976

Multiple Interpretations of UI Input in Apple iOS and iPadOS - CVE-2021-30948

Description

Remediation

External links

Please verify you're human