Sign-up

ID

VAR-202109-1340


CVE

CVE-2021-30725


TITLE

plural  Apple  Out-of-bounds write vulnerabilities in the product

Trust: 0.8

sources: JVNDB: JVNDB-2021-013536

DESCRIPTION

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. macOS , iOS , iPadOS Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.The specific flaw exists within the ModelIO framework. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Apple macOS is a set of dedicated operating systems developed by Apple Corporation for Mac computers. A buffer error vulnerability exists in Apple macOS due to a bounds error when handling untrusted input in Model I/O. The following products and versions are affected: Macos: 10.15 19A583, 10.15 19A602, 10.15 19A603, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19d76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15. 5 19F101, 10.15.6 19G73 , 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H4, 10.15.7 19H15, 10.15.7 19H114, 10.15.7 19H512, 10.15.7 19H524, 10.15.7 19H1030

Trust: 2.97

sources: NVD: CVE-2021-30725 // JVNDB: JVNDB-2021-013536 // ZDI: ZDI-21-795 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390458 // VULMON: CVE-2021-30725

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.15.6

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.14.0

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.6

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.4

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:14.6

Trust: 1.0

vendor:applemodel:mac os xscope:lteversion:10.14.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.14.6

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:applemodel:macosscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-795 // JVNDB: JVNDB-2021-013536 // NVD: CVE-2021-30725

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-30725
value: HIGH

Trust: 1.0

NVD: CVE-2021-30725
value: HIGH

Trust: 0.8

ZDI: CVE-2021-30725
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202105-1544
value: HIGH

Trust: 0.6

VULHUB: VHN-390458
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-30725
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-390458
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-30725
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-30725
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2021-30725
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-795 // VULHUB: VHN-390458 // JVNDB: JVNDB-2021-013536 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-1544 // NVD: CVE-2021-30725

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-390458 // JVNDB: JVNDB-2021-013536 // NVD: CVE-2021-30725

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202105-1544

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:HT212530 Apple  Security updateurl:https://support.apple.com/en-us/HT212528

Trust: 0.8

title:Apple has issued an update to correct this vulnerability.url:https://support.apple.com/HT212529

Trust: 0.7

title:Apple macOS Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=151729

Trust: 0.6

title:Apple: iOS 14.6 and iPadOS 14.6url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=aebc753d2fbbe6784a52339b16fd5417

Trust: 0.1

sources: ZDI: ZDI-21-795 // VULMON: CVE-2021-30725 // JVNDB: JVNDB-2021-013536 // CNNVD: CNNVD-202105-1544

EXTERNAL IDS

db:NVDid:CVE-2021-30725

Trust: 4.1

db:ZDIid:ZDI-21-795

Trust: 1.4

db:JVNDBid:JVNDB-2021-013536

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-13394

Trust: 0.7

db:CNNVDid:CNNVD-202105-1544

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:AUSCERTid:ESB-2021.1794

Trust: 0.6

db:CS-HELPid:SB2021052502

Trust: 0.6

db:VULHUBid:VHN-390458

Trust: 0.1

db:VULMONid:CVE-2021-30725

Trust: 0.1

sources: ZDI: ZDI-21-795 // VULHUB: VHN-390458 // VULMON: CVE-2021-30725 // JVNDB: JVNDB-2021-013536 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-1544 // NVD: CVE-2021-30725

REFERENCES

url:https://support.apple.com/en-us/ht212528

Trust: 1.7

url:https://support.apple.com/en-us/ht212529

Trust: 1.7

url:https://support.apple.com/en-us/ht212530

Trust: 1.7

url:https://support.apple.com/en-us/ht212531

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-30725

Trust: 1.4

url:https://support.apple.com/ht212529

Trust: 0.7

url:https://www.zerodayinitiative.com/advisories/zdi-21-795/

Trust: 0.7

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-multiple-vulnerabilities-35513

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1794

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021052502

Trust: 0.6

url:https://support.apple.com/kb/ht212528

Trust: 0.1

sources: ZDI: ZDI-21-795 // VULHUB: VHN-390458 // VULMON: CVE-2021-30725 // JVNDB: JVNDB-2021-013536 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-1544 // NVD: CVE-2021-30725

CREDITS

Mickey Jin (@patch1t) of Trend Micro

Trust: 1.3

sources: ZDI: ZDI-21-795 // CNNVD: CNNVD-202105-1544

SOURCES

db:ZDIid:ZDI-21-795
db:VULHUBid:VHN-390458
db:VULMONid:CVE-2021-30725
db:JVNDBid:JVNDB-2021-013536
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202105-1544
db:NVDid:CVE-2021-30725

LAST UPDATE DATE

2024-08-14T12:30:31.767000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-795date:2021-07-13T00:00:00
db:VULHUBid:VHN-390458date:2023-01-09T00:00:00
db:JVNDBid:JVNDB-2021-013536date:2022-09-15T05:13:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202105-1544date:2021-09-16T00:00:00
db:NVDid:CVE-2021-30725date:2023-01-09T16:41:59.350

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-795date:2021-07-13T00:00:00
db:VULHUBid:VHN-390458date:2021-09-08T00:00:00
db:JVNDBid:JVNDB-2021-013536date:2022-09-15T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202105-1544date:2021-05-25T00:00:00
db:NVDid:CVE-2021-30725date:2021-09-08T14:15:08.833