ID

VAR-202109-1374


CVE

CVE-2021-30706


TITLE

Apple macOS ImageIO WEBP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Trust: 1.4

sources: ZDI: ZDI-21-943 // ZDI: ZDI-21-942

DESCRIPTION

Processing a maliciously crafted image may lead to disclosure of user information. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. This issue was addressed with improved checks. plural Apple The product contains an out-of-bounds read vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.The specific flaw exists within the ImageIO framework. Crafted data in a WEBP file can trigger a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 4.23

sources: NVD: CVE-2021-30706 // JVNDB: JVNDB-2021-013529 // ZDI: ZDI-21-892 // ZDI: ZDI-21-943 // ZDI: ZDI-21-942 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390439 // VULMON: CVE-2021-30706

AFFECTED PRODUCTS

vendor:applemodel:macosscope: - version: -

Trust: 2.1

vendor:applemodel:tvosscope:ltversion:14.6

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:7.5

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.6

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.4

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:14.6

Trust: 1.0

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope: - version: -

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

sources: ZDI: ZDI-21-892 // ZDI: ZDI-21-943 // ZDI: ZDI-21-942 // JVNDB: JVNDB-2021-013529 // NVD: CVE-2021-30706

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2021-30706
value: LOW

Trust: 2.1

nvd@nist.gov: CVE-2021-30706
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-30706
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202107-1733
value: MEDIUM

Trust: 0.6

VULHUB: VHN-390439
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-30706
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-390439
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ZDI: CVE-2021-30706
baseSeverity: LOW
baseScore: 3.3
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.0

Trust: 2.1

nvd@nist.gov: CVE-2021-30706
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-30706
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: ZDI: ZDI-21-892 // ZDI: ZDI-21-943 // ZDI: ZDI-21-942 // VULHUB: VHN-390439 // JVNDB: JVNDB-2021-013529 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1733 // NVD: CVE-2021-30706

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.1

problemtype:Out-of-bounds read (CWE-125) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-390439 // JVNDB: JVNDB-2021-013529 // NVD: CVE-2021-30706

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202107-1733

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:Apple has issued an update to correct this vulnerability.url:https://support.apple.com/HT212529

Trust: 1.4

title:HT212532 Apple  Security updateurl:https://support.apple.com/en-us/HT212528

Trust: 0.8

title:Apple macOS Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=157449

Trust: 0.6

sources: ZDI: ZDI-21-943 // ZDI: ZDI-21-942 // JVNDB: JVNDB-2021-013529 // CNNVD: CNNVD-202107-1733

EXTERNAL IDS

db:NVDid:CVE-2021-30706

Trust: 5.5

db:ZDIid:ZDI-21-892

Trust: 1.4

db:ZDIid:ZDI-21-943

Trust: 1.3

db:JVNDBid:JVNDB-2021-013529

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-12842

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-13362

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-13360

Trust: 0.7

db:ZDIid:ZDI-21-942

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021072244

Trust: 0.6

db:CNNVDid:CNNVD-202107-1733

Trust: 0.6

db:VULHUBid:VHN-390439

Trust: 0.1

db:VULMONid:CVE-2021-30706

Trust: 0.1

sources: ZDI: ZDI-21-892 // ZDI: ZDI-21-943 // ZDI: ZDI-21-942 // VULHUB: VHN-390439 // VULMON: CVE-2021-30706 // JVNDB: JVNDB-2021-013529 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1733 // NVD: CVE-2021-30706

REFERENCES

url:https://support.apple.com/en-us/ht212528

Trust: 1.7

url:https://support.apple.com/en-us/ht212529

Trust: 1.7

url:https://support.apple.com/en-us/ht212532

Trust: 1.7

url:https://support.apple.com/en-us/ht212533

Trust: 1.7

url:https://support.apple.com/ht212529

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30706

Trust: 1.4

url:https://www.zerodayinitiative.com/advisories/zdi-21-892/

Trust: 0.7

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.zerodayinitiative.com/advisories/zdi-21-943/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021072244

Trust: 0.6

sources: ZDI: ZDI-21-943 // ZDI: ZDI-21-942 // VULHUB: VHN-390439 // VULMON: CVE-2021-30706 // JVNDB: JVNDB-2021-013529 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1733 // NVD: CVE-2021-30706

CREDITS

Jzhu

Trust: 2.0

sources: ZDI: ZDI-21-943 // ZDI: ZDI-21-942 // CNNVD: CNNVD-202107-1733

SOURCES

db:ZDIid:ZDI-21-892
db:ZDIid:ZDI-21-943
db:ZDIid:ZDI-21-942
db:VULHUBid:VHN-390439
db:VULMONid:CVE-2021-30706
db:JVNDBid:JVNDB-2021-013529
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202107-1733
db:NVDid:CVE-2021-30706

LAST UPDATE DATE

2024-08-14T12:20:52.053000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-892date:2021-07-22T00:00:00
db:ZDIid:ZDI-21-943date:2021-08-05T00:00:00
db:ZDIid:ZDI-21-942date:2021-08-05T00:00:00
db:VULHUBid:VHN-390439date:2021-09-17T00:00:00
db:JVNDBid:JVNDB-2021-013529date:2022-09-15T03:21:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202107-1733date:2021-09-18T00:00:00
db:NVDid:CVE-2021-30706date:2021-09-17T11:39:34.840

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-892date:2021-07-22T00:00:00
db:ZDIid:ZDI-21-943date:2021-08-05T00:00:00
db:ZDIid:ZDI-21-942date:2021-08-05T00:00:00
db:VULHUBid:VHN-390439date:2021-09-08T00:00:00
db:JVNDBid:JVNDB-2021-013529date:2022-09-15T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202107-1733date:2021-07-22T00:00:00
db:NVDid:CVE-2021-30706date:2021-09-08T15:15:15.597