CVE-2021-1870
CRITICAL
9,8
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH
7,5
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: partial
Description
AI Translation Available
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0115
Percentile
0,8th
Updated
EPSS Score Trend (Last 90 Days)
Operating System
Iphone Os by Apple
Version Range Affected
To
14.4
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Macos by Apple
Version Range Affected
From
11.0.1
(inclusive)
To
11.2
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Ipados by Apple
Version Range Affected
To
14.4
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Fedora by Fedoraproject
CPE Identifier
View Detailed Analysis
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Webkitgtk by Webkitgtk
Version Range Affected
To
2.30.6
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Mac Os X by Apple
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Mac Os X by Apple
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Mac Os X by Apple
Version Range Affected
From
10.15
(inclusive)
To
10.15.7
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Fedora by Fedoraproject
CPE Identifier
View Detailed Analysis
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Mac Os X by Apple
CPE Identifier
View Detailed Analysis
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://security.gentoo.org/glsa/202104-03
https://support.apple.com/en-us/HT212146
https://support.apple.com/en-us/HT212147
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://security.gentoo.org/glsa/202104-03
https://support.apple.com/en-us/HT212146
https://support.apple.com/en-us/HT212147