ID

VAR-202108-1374


CVE

CVE-2021-30869


TITLE

Mistype vulnerability in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2021-021188

DESCRIPTION

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, Security Update 2021-006 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. iPadOS , iOS , Apple Mac OS X Multiple Apple products have a type mixup vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-09-23-1 iOS 12.5.5 iOS 12.5.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212824. CoreGraphics Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. CVE-2021-30860: The Citizen Lab WebKit Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30858: an anonymous researcher XNU Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges. CVE-2021-30869: Erye Hernandez of Google Threat Analysis Group, Clément Lecigne of Google Threat Analysis Group, and Ian Beer of Google Project Zero Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About * The version after applying this update will be "12.5.5" Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmFMwTMACgkQeC9qKD1p rhgcXBAAyiXSTr7W8qmZJBjvLtLCHgFktFKHCjlufFKhQprFBUTWFgvYbqKLBg5w WHR9AqL+QUDtyybsf/STlITmcy7FtOlr1Ru/B9tVR/BKAS/8e2ngOVKcY2ska7Pb SuPsiyc9UI1VdxDZBkVfbTbDj3YMKOrK1ORK4UMDISU6bAbwMqFpriV9vCijk2Xh F7PFFlt9NwknUcuEEm7wT//hyLgZFx6mefFxTuBqKaHbHgCoAB6SJrCCHP2kU9rY +6IVq0xLEzEG5NNw/rQ/Xq0HVoNQiprQSCsSlwSgvuj/F9IdIcT+n0rdevK5wpIJ wlvKq0WG0Zumeq/vkpKtfB07nlsHmMOGldyRlGKd6xKcX3hM5Z3uFAvHQl6GByFx ALTfA7xcHKCNH6TBaAeAJIFOzDLDYghp4vsIEgnj1cZwc8IVQ0bAAgRgoQOXgwic 2IS9la1JmxG8/AzAWp9rSRMdQG8AvSaJFCS8sLjaprwC4d6MVESkJiJwEodx/x/g 6x4U1mP31UJARdlGDW3IZL7vbVr06Tv4fsF6sVxrtoDL8nDYp+bD0Qz67J9M0thx 08Ua7+lBw/sXIRhZMLJL5yxSQUPUBUIbWtWzZneDZWripUnL3WV3+mph68N6KnDz ORv11TKhITXpDkKV9VhMnBBAGw9oipBapqhNup6dYwpdPp4+M5g= =mQdQ -----END PGP SIGNATURE-----

Trust: 2.52

sources: NVD: CVE-2021-30869 // JVNDB: JVNDB-2021-021188 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390602 // VULMON: CVE-2021-30869 // PACKETSTORM: 164280 // PACKETSTORM: 164277

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.15.6

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:14.4

Trust: 1.0

vendor:applemodel:iphone osscope:gteversion:12.0

Trust: 1.0

vendor:applemodel:mac os xscope:lteversion:10.14.6

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.14.6

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.14

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:12.5.5

Trust: 1.0

vendor:applemodel:iphone osscope:gteversion:14.0

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.4

Trust: 1.0

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:11.0 that's all 11.2

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-021188 // NVD: CVE-2021-30869

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-30869
value: HIGH

Trust: 1.0

NVD: CVE-2021-30869
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202108-1956
value: HIGH

Trust: 0.6

VULHUB: VHN-390602
value: HIGH

Trust: 0.1

VULMON: CVE-2021-30869
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-30869
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-390602
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-30869
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-30869
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-390602 // VULMON: CVE-2021-30869 // JVNDB: JVNDB-2021-021188 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-1956 // NVD: CVE-2021-30869

PROBLEMTYPE DATA

problemtype:CWE-843

Trust: 1.1

problemtype:Mistake of type (CWE-843) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-390602 // JVNDB: JVNDB-2021-021188 // NVD: CVE-2021-30869

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202108-1956

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-1956

PATCH

title:HT212824 Apple  Security updateurl:https://support.apple.com/en-us/HT212146

Trust: 0.8

title:Multiple Apple Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=166262

Trust: 0.6

title:https://github.com/houjingyi233/macOS-iOS-system-securityurl:https://github.com/houjingyi233/macOS-iOS-system-security

Trust: 0.1

title:https://github.com/houjingyi233/macos-ios-exploit-writeupurl:https://github.com/houjingyi233/macos-ios-exploit-writeup

Trust: 0.1

title:Known Exploited Vulnerabilities Detectorurl:https://github.com/Ostorlab/KEV

Trust: 0.1

title: - url:https://www.welivesecurity.com/2022/01/25/watering-hole-deploys-new-macos-malware-dazzlespy-asia/

Trust: 0.1

title:Threatposturl:https://threatpost.com/mac-zero-day-apple-hong-kong/176300/

Trust: 0.1

title:Threatposturl:https://threatpost.com/apple-patches-zero-days-attack/174988/

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2021/09/24/apple_zero_day/

Trust: 0.1

sources: VULMON: CVE-2021-30869 // JVNDB: JVNDB-2021-021188 // CNNVD: CNNVD-202108-1956

EXTERNAL IDS

db:NVDid:CVE-2021-30869

Trust: 3.6

db:JVNDBid:JVNDB-2021-021188

Trust: 0.8

db:PACKETSTORMid:164277

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:AUSCERTid:ESB-2021.3213

Trust: 0.6

db:CS-HELPid:SB2021092317

Trust: 0.6

db:CNNVDid:CNNVD-202108-1956

Trust: 0.6

db:VULHUBid:VHN-390602

Trust: 0.1

db:VULMONid:CVE-2021-30869

Trust: 0.1

db:PACKETSTORMid:164280

Trust: 0.1

sources: VULHUB: VHN-390602 // VULMON: CVE-2021-30869 // JVNDB: JVNDB-2021-021188 // PACKETSTORM: 164280 // PACKETSTORM: 164277 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-1956 // NVD: CVE-2021-30869

REFERENCES

url:https://support.apple.com/en-us/ht212824

Trust: 2.5

url:https://support.apple.com/en-us/ht212146

Trust: 1.8

url:https://support.apple.com/en-us/ht212147

Trust: 1.8

url:https://support.apple.com/en-us/ht212825

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-30869

Trust: 1.0

url:https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021092317

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3213

Trust: 0.6

url:https://packetstormsecurity.com/files/164277/apple-security-advisory-2021-09-23-1.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-macos-privilege-escalation-via-xnu-36521

Trust: 0.6

url:https://support.apple.com/kb/ht201222

Trust: 0.2

url:https://www.apple.com/support/security/pgp/

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/843.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.theregister.co.uk/2021/09/24/apple_zero_day/

Trust: 0.1

url:https://threatpost.com/mac-zero-day-apple-hong-kong/176300/

Trust: 0.1

url:https://support.apple.com/ht212825.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30858

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://support.apple.com/ht212824.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30860

Trust: 0.1

sources: VULHUB: VHN-390602 // VULMON: CVE-2021-30869 // JVNDB: JVNDB-2021-021188 // PACKETSTORM: 164280 // PACKETSTORM: 164277 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-1956 // NVD: CVE-2021-30869

CREDITS

Apple

Trust: 0.2

sources: PACKETSTORM: 164280 // PACKETSTORM: 164277

SOURCES

db:VULHUBid:VHN-390602
db:VULMONid:CVE-2021-30869
db:JVNDBid:JVNDB-2021-021188
db:PACKETSTORMid:164280
db:PACKETSTORMid:164277
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202108-1956
db:NVDid:CVE-2021-30869

LAST UPDATE DATE

2024-08-14T12:41:24.573000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-390602date:2021-10-20T00:00:00
db:VULMONid:CVE-2021-30869date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2021-021188date:2024-07-18T06:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202108-1956date:2021-10-21T00:00:00
db:NVDid:CVE-2021-30869date:2024-07-29T18:23:59.483

SOURCES RELEASE DATE

db:VULHUBid:VHN-390602date:2021-08-24T00:00:00
db:VULMONid:CVE-2021-30869date:2021-08-24T00:00:00
db:JVNDBid:JVNDB-2021-021188date:2024-07-18T00:00:00
db:PACKETSTORMid:164280date:2021-09-24T15:46:28
db:PACKETSTORMid:164277date:2021-09-24T15:40:03
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202108-1956date:2021-08-24T00:00:00
db:NVDid:CVE-2021-30869date:2021-08-24T19:15:15.080