Sign-up

ID

VAR-202109-0278


CVE

CVE-2021-1812


TITLE

iOS  and  iPadOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-012304

DESCRIPTION

A logic issue was addressed with improved validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to execute arbitrary code with system privileges. iOS and iPadOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Both Apple iOS and Apple iPadOS are products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets

Trust: 1.8

sources: NVD: CVE-2021-1812 // JVNDB: JVNDB-2021-012304 // VULHUB: VHN-376472 // VULMON: CVE-2021-1812

AFFECTED PRODUCTS

vendor:applemodel:ipadosscope:ltversion:14.5

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.5

Trust: 1.0

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-012304 // NVD: CVE-2021-1812

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1812
value: HIGH

Trust: 1.0

NVD: CVE-2021-1812
value: HIGH

Trust: 0.8

VULHUB: VHN-376472
value: HIGH

Trust: 0.1

VULMON: CVE-2021-1812
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-1812
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-376472
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1812
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-1812
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-376472 // VULMON: CVE-2021-1812 // JVNDB: JVNDB-2021-012304 // NVD: CVE-2021-1812

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-012304 // NVD: CVE-2021-1812

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202109-408

PATCH

title:HT212317 Apple  Security updateurl:https://support.apple.com/en-us/HT212317

Trust: 0.8

title:Apple Repair measures for multiple product access control errors and vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=161817

Trust: 0.6

sources: JVNDB: JVNDB-2021-012304 // CNNVD: CNNVD-202109-408

EXTERNAL IDS

db:NVDid:CVE-2021-1812

Trust: 3.4

db:JVNDBid:JVNDB-2021-012304

Trust: 0.8

db:CNNVDid:CNNVD-202109-408

Trust: 0.7

db:VULHUBid:VHN-376472

Trust: 0.1

db:VULMONid:CVE-2021-1812

Trust: 0.1

sources: VULHUB: VHN-376472 // VULMON: CVE-2021-1812 // JVNDB: JVNDB-2021-012304 // CNNVD: CNNVD-202109-408 // NVD: CVE-2021-1812

REFERENCES

url:https://support.apple.com/en-us/ht212317

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-1812

Trust: 1.4

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-376472 // VULMON: CVE-2021-1812 // JVNDB: JVNDB-2021-012304 // CNNVD: CNNVD-202109-408 // NVD: CVE-2021-1812

SOURCES

db:VULHUBid:VHN-376472
db:VULMONid:CVE-2021-1812
db:JVNDBid:JVNDB-2021-012304
db:CNNVDid:CNNVD-202109-408
db:NVDid:CVE-2021-1812

LAST UPDATE DATE

2024-08-14T15:42:45.424000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-376472date:2021-09-21T00:00:00
db:VULMONid:CVE-2021-1812date:2021-09-21T00:00:00
db:JVNDBid:JVNDB-2021-012304date:2022-08-29T07:25:00
db:CNNVDid:CNNVD-202109-408date:2021-09-10T00:00:00
db:NVDid:CVE-2021-1812date:2021-09-21T15:18:03.047

SOURCES RELEASE DATE

db:VULHUBid:VHN-376472date:2021-09-08T00:00:00
db:VULMONid:CVE-2021-1812date:2021-09-08T00:00:00
db:JVNDBid:JVNDB-2021-012304date:2022-08-29T00:00:00
db:CNNVDid:CNNVD-202109-408date:2021-09-08T00:00:00
db:NVDid:CVE-2021-1812date:2021-09-08T15:15:09.680