Sign-up

ID

VAR-202109-1355


CVE

CVE-2021-30742


TITLE

(0Day) Apple macOS AudioToolboxCore LOAS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Trust: 0.7

sources: ZDI: ZDI-21-890

DESCRIPTION

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted audio file may lead to arbitrary code execution. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the GetFramesPerPacket function in AudioToolboxCore. Crafted data in a LOAS file can trigger a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Apple macOS is a special operating system developed by Apple Inc. for Mac computers. Apple macOS has a resource management error vulnerability, which stems from the boundary condition error of the GetFramesPerPacket function in AudioToolboxCore. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.79

sources: NVD: CVE-2021-30742 // ZDI: ZDI-21-890 // CNNVD: CNNVD-202107-1712 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390475 // VULMON: CVE-2021-30742

AFFECTED PRODUCTS

vendor:applemodel:ipadosscope:ltversion:14.5

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.5

Trust: 1.0

vendor:applemodel:macosscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-890 // NVD: CVE-2021-30742

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-30742
value: HIGH

Trust: 1.0

ZDI: CVE-2021-30742
value: LOW

Trust: 0.7

CNNVD: CNNVD-202107-1712
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

VULHUB: VHN-390475
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-30742
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-390475
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-30742
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ZDI: CVE-2021-30742
baseSeverity: LOW
baseScore: 3.3
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-890 // VULHUB: VHN-390475 // CNNVD: CNNVD-202107-1712 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-30742

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2021-30742

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202107-1712

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202107-1712

PATCH

title:Apple macOS Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=157433

Trust: 0.6

sources: CNNVD: CNNVD-202107-1712

EXTERNAL IDS

db:NVDid:CVE-2021-30742

Trust: 2.5

db:ZDIid:ZDI-21-890

Trust: 1.4

db:ZDI_CANid:ZDI-CAN-12997

Trust: 0.7

db:CS-HELPid:SB2021072246

Trust: 0.6

db:CNNVDid:CNNVD-202107-1712

Trust: 0.6

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:VULHUBid:VHN-390475

Trust: 0.1

db:VULMONid:CVE-2021-30742

Trust: 0.1

sources: ZDI: ZDI-21-890 // VULHUB: VHN-390475 // VULMON: CVE-2021-30742 // CNNVD: CNNVD-202107-1712 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-30742

REFERENCES

url:https://support.apple.com/en-us/ht212317

Trust: 1.7

url:https://www.zerodayinitiative.com/advisories/zdi-21-890/

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-30742

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021072246

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

sources: VULHUB: VHN-390475 // VULMON: CVE-2021-30742 // CNNVD: CNNVD-202107-1712 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-30742

CREDITS

Mickey Jin of Trend Micro Mobile Security Research Team

Trust: 1.3

sources: ZDI: ZDI-21-890 // CNNVD: CNNVD-202107-1712

SOURCES

db:ZDIid:ZDI-21-890
db:VULHUBid:VHN-390475
db:VULMONid:CVE-2021-30742
db:CNNVDid:CNNVD-202107-1712
db:CNNVDid:CNNVD-202104-975
db:NVDid:CVE-2021-30742

LAST UPDATE DATE

2024-08-14T12:31:27.034000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-890date:2021-07-22T00:00:00
db:VULHUBid:VHN-390475date:2023-01-09T00:00:00
db:CNNVDid:CNNVD-202107-1712date:2023-01-10T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:NVDid:CVE-2021-30742date:2023-01-09T16:41:59.350

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-890date:2021-07-22T00:00:00
db:VULHUBid:VHN-390475date:2021-09-08T00:00:00
db:CNNVDid:CNNVD-202107-1712date:2021-07-22T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:NVDid:CVE-2021-30742date:2021-09-08T14:15:09.553