ID

VAR-202109-1387


CVE

CVE-2021-30687


TITLE

Out-of-bounds read vulnerability in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2021-013551

DESCRIPTION

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to disclosure of user information. Multiple Apple products contain an out-of-bounds read vulnerability. Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability; please follow CNNVD or manufacturer announcements. Apple tvOS is a smart TV operating system developed by Apple. A buffer error vulnerability exists in tvOS, which originates from a boundary condition in ImageIO. A remote attacker could exploit this vulnerability to create a specially crafted file, trick a victim into opening it, trigger an out-of-bounds read error, and read the contents of memory on the system. Affected products and versions: tvOS: 14.0 18J386, 14.0.1 18J400, 14.0.2 18J411, 14.2 18K57, 14.3 18K561, 14.4 18K802, 14.5 18L204. CVE-2021-30678: Yu Wang of Didi Research America AppleScript Available for: macOS Catalina Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management. CVE-2021-30710: Gabe Kirkpatrick (@gabe_k) Heimdal Available for: macOS Catalina Impact: A remote attacker may be able to cause a denial of service Description: A race condition was addressed with improved locking. CVE-2021-1884: Gabe Kirkpatrick (@gabe_k) Heimdal Available for: macOS Catalina Impact: Processing maliciously crafted server messages may lead to heap corruption Description: This issue was addressed with improved checks.
CVE-2021-30715: The UK's National Cyber Security Centre (NCSC) Login Window Available for: macOS Catalina Impact: A person with physical access to a Mac may be able to bypass Login Window Description: A logic issue was addressed with improved state management. CVE-2021-30702: Jewel Lambert of Original Spin, LLC. CVE-2021-30679: Gabe Kirkpatrick (@gabe_k) OpenLDAP Available for: macOS Catalina Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-36226 CVE-2020-36229 CVE-2020-36225 CVE-2020-36224 CVE-2020-36223 CVE-2020-36227 CVE-2020-36228 CVE-2020-36221 CVE-2020-36222 CVE-2020-36230 smbx Available for: macOS Catalina Impact: An attacker in a privileged network position may be able to perform denial of service Description: A logic issue was addressed with improved state management. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-05-25-1 iOS 14.6 and iPadOS 14.6 iOS 14.6 and iPadOS 14.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212528. Audio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30707: hjy79425575 working with Trend Micro Zero Day Initiative Audio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: This issue was addressed with improved checks. 
CVE-2021-30685: Mickey Jin (@patch1t) of Trend Micro AVEVideoEncoder Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A race condition was addressed with improved state handling. CVE-2021-30714: @08Tc3wBB of ZecOps, and George Nosenko CommCenter Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A device may accept invalid activation results Description: A logic issue was addressed with improved restrictions. CVE-2021-30729: CHRISTIAN MINA Core Services Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to gain root privileges Description: A validation issue existed in the handling of symlinks. CVE-2021-30681: Zhongcheng Li (CK01) CoreAudio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30686: Mickey Jin of Trend Micro Crash Reporter Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management. 
CVE-2021-30727: Cees Elzinga CVMS Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A local attacker may be able to elevate their privileges Description: This issue was addressed with improved checks. CVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro Heimdal Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A local user may be able to leak sensitive user information Description: A logic issue was addressed with improved state management. CVE-2021-30697: Gabe Kirkpatrick (@gabe_k) Heimdal Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: A memory corruption issue was addressed with improved state management. CVE-2021-30710: Gabe Kirkpatrick (@gabe_k) ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to disclosure of user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360 ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to disclosure of user information Description: This issue was addressed with improved checks. 
CVE-2021-30700: Ye Zhang(@co0py_Cat) of Baidu Security ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of Baidu Security ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted ASTC file may disclose memory contents Description: This issue was addressed with improved checks. CVE-2021-30705: Ye Zhang of Baidu Security Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved validation. CVE-2021-30740: Linus Henze (pinauten.de) Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may disclose restricted memory Description: This issue was addressed with improved checks. CVE-2021-30674: Siddharth Aeri (@b1n4r1b01) Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved state management. 
CVE-2021-30704: an anonymous researcher Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted message may lead to a denial of service Description: A logic issue was addressed with improved state management. CVE-2021-30715: The UK's National Cyber Security Centre (NCSC) Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved size validation. CVE-2021-30736: Ian Beer of Google Project Zero LaunchServices Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization. CVE-2021-30677: Ron Waisberg (@epsilan) Mail Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination Description: A use after free issue was addressed with improved memory management. CVE-2021-30741: SYMaster of ZecOps Mobile EDR Team Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An information disclosure issue was addressed with improved state management. 
CVE-2021-30723: Mickey Jin (@patch1t) of Trend Micro CVE-2021-30691: Mickey Jin (@patch1t) of Trend Micro CVE-2021-30692: Mickey Jin (@patch1t) of Trend Micro CVE-2021-30694: Mickey Jin (@patch1t) of Trend Micro Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2021-30725: Mickey Jin (@patch1t) of Trend Micro Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30746: Mickey Jin (@patch1t) of Trend Micro Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A validation issue was addressed with improved logic. CVE-2021-30693: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. 
CVE-2021-30695: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30708: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may disclose memory contents Description: This issue was addressed with improved checks. CVE-2021-30709: Mickey Jin (@patch1t) of Trend Micro Notes Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A user may be able to view restricted content from the lockscreen Description: A window management issue was addressed with improved state management. CVE-2021-30699: videosdebarraquito Security Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. 
CVE-2021-30737: xerub WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. CVE-2021-30744: Dan Hite of jsontop WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-21779: Marcin Towalski of Cisco Talos WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to leak sensitive user information Description: A logic issue was addressed with improved restrictions. CVE-2021-30682: an anonymous researcher and 1lastBr3ath WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2021-30689: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. 
CVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab, ASU. working with Trend Micro Zero Day Initiative CVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A logic issue was addressed with improved restrictions. CVE-2021-30720: David Schütz (@xdavidhu) WebRTC Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A remote attacker may be able to cause a denial of service Description: A null pointer dereference was addressed with improved input validation. CVE-2021-23841: Tavis Ormandy of Google CVE-2021-30698: Tavis Ormandy of Google Wi-Fi Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An attacker in WiFi range may be able to force a client to use a less secure authentication mechanism Description: A logic issue was addressed with improved validation. CVE-2021-30667: Raul Siles of DinoSec (@dinosec) Additional recognition AVEVideoEncoder We would like to acknowledge @08Tc3wBB for their assistance. CommCenter We would like to acknowledge CHRISTIAN MINA and Stefan Sterz (@0x7374) of Secure Mobile Networking Lab at TU Darmstadt and Industrial Software at TU Wien for their assistance. CoreCapture We would like to acknowledge Zuozhi Fan (@pattern_F_) of Ant-financial TianQiong Security Lab for their assistance. ImageIO We would like to acknowledge Jzhu working with Trend Micro Zero Day Initiative and an anonymous researcher for their assistance.
Kernel We would like to acknowledge Saar Amar (@AmarSaar) for their assistance. Mail Drafts We would like to acknowledge Lauritz Holtmann (@_lauritz_) for their assistance. NetworkExtension We would like to acknowledge Matthias Ortmann of Secure Mobile Networking Lab for their assistance. WebKit We would like to acknowledge Chris Salls (@salls) of Makai Security for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. 
To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About * The version after applying this update will be "14.6" Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ . Apple is aware of a report that this issue may have been actively exploited.

Trust: 2.79

sources: NVD: CVE-2021-30687 // JVNDB: JVNDB-2021-013551 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390420 // VULMON: CVE-2021-30687 // PACKETSTORM: 162820 // PACKETSTORM: 162821 // PACKETSTORM: 162823 // PACKETSTORM: 162825 // PACKETSTORM: 162827

AFFECTED PRODUCTS

vendor: apple, model: mac os x, scope: lte, version: 10.15.6

Trust: 1.0

vendor: apple, model: iphone os, scope: lt, version: 14.6

Trust: 1.0

vendor: apple, model: macos, scope: lt, version: 11.4

Trust: 1.0

vendor: apple, model: mac os x, scope: lte, version: 10.14.5

Trust: 1.0

vendor: apple, model: ipados, scope: lt, version: 14.6

Trust: 1.0

vendor: apple, model: mac os x, scope: eq, version: 10.14.6

Trust: 1.0

vendor: apple, model: watchos, scope: lt, version: 7.5

Trust: 1.0

vendor: apple, model: mac os x, scope: gte, version: 10.14

Trust: 1.0

vendor: apple, model: mac os x, scope: gte, version: 10.15

Trust: 1.0

vendor: apple, model: tvos, scope: lt, version: 14.6

Trust: 1.0

vendor: apple, model: mac os x, scope: eq, version: 10.15.7

Trust: 1.0

vendor: apple, model: macos, scope: gte, version: 11.0

Trust: 1.0

vendor: アップル, model: apple mac os x, scope: -, version: -

Trust: 0.8

vendor: アップル, model: ipados, scope: -, version: -

Trust: 0.8

vendor: アップル, model: watchos, scope: -, version: -

Trust: 0.8

vendor: アップル, model: ios, scope: -, version: -

Trust: 0.8

vendor: アップル, model: macos, scope: -, version: -

Trust: 0.8

vendor: アップル, model: tvos, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-013551 // NVD: CVE-2021-30687

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-30687
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-30687
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202105-1553
value: MEDIUM

Trust: 0.6

VULHUB: VHN-390420
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-30687
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-30687
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-390420
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-30687
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-30687
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-390420 // VULMON: CVE-2021-30687 // JVNDB: JVNDB-2021-013551 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-1553 // NVD: CVE-2021-30687

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.1

problemtype:Out-of-bounds read (CWE-125) [NVD evaluation]

Trust: 0.8

sources: VULHUB: VHN-390420 // JVNDB: JVNDB-2021-013551 // NVD: CVE-2021-30687

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202105-1553

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-390420

PATCH

title: HT212532 Apple Security update, url: https://support.apple.com/en-us/HT212528

Trust: 0.8

title: Apple tvOS Buffer error vulnerability fix, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=151738

Trust: 0.6

title: Apple: iOS 14.6 and iPadOS 14.6, url: https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=aebc753d2fbbe6784a52339b16fd5417

Trust: 0.1

sources: VULMON: CVE-2021-30687 // JVNDB: JVNDB-2021-013551 // CNNVD: CNNVD-202105-1553

EXTERNAL IDS

db: NVD, id: CVE-2021-30687

Trust: 3.9

db: PACKETSTORM, id: 162820

Trust: 0.8

db: JVNDB, id: JVNDB-2021-013551

Trust: 0.8

db: CNNVD, id: CNNVD-202105-1553

Trust: 0.7

db: CS-HELP, id: SB2021041363

Trust: 0.6

db: CNNVD, id: CNNVD-202104-975

Trust: 0.6

db: CS-HELP, id: SB2021052503

Trust: 0.6

db: AUSCERT, id: ESB-2021.1794

Trust: 0.6

db: PACKETSTORM, id: 162827

Trust: 0.2

db: PACKETSTORM, id: 162825

Trust: 0.2

db: PACKETSTORM, id: 162823

Trust: 0.2

db: PACKETSTORM, id: 162821

Trust: 0.2

db: VULHUB, id: VHN-390420

Trust: 0.1

db: VULMON, id: CVE-2021-30687

Trust: 0.1

sources: VULHUB: VHN-390420 // VULMON: CVE-2021-30687 // JVNDB: JVNDB-2021-013551 // PACKETSTORM: 162820 // PACKETSTORM: 162821 // PACKETSTORM: 162823 // PACKETSTORM: 162825 // PACKETSTORM: 162827 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-1553 // NVD: CVE-2021-30687

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2021-30687

Trust: 1.9

url:https://support.apple.com/en-us/ht212528

Trust: 1.8

url:https://support.apple.com/en-us/ht212529

Trust: 1.8

url:https://support.apple.com/en-us/ht212530

Trust: 1.8

url:https://support.apple.com/en-us/ht212531

Trust: 1.8

url:https://support.apple.com/en-us/ht212532

Trust: 1.8

url:https://support.apple.com/en-us/ht212533

Trust: 1.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://packetstormsecurity.com/files/162820/apple-security-advisory-2021-05-25-4.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-multiple-vulnerabilities-35513

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021052503

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1794

Trust: 0.6

url:https://www.apple.com/support/security/pgp/

Trust: 0.5

url:https://support.apple.com/kb/ht201222

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-30685

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30681

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30697

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30693

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30691

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30692

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-21779

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30689

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30705

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30704

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30707

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30686

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30677

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30700

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30682

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30701

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-36228

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1884

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36222

Trust: 0.2

url:https://support.apple.com/downloads/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30669

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36221

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36225

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30676

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36226

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36224

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36229

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36223

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30679

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30678

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36230

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36227

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30683

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1883

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30695

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30694

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30744

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30715

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30749

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30740

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30710

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30737

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30736

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30720

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30727

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30724

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30734

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/125.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://support.apple.com/kb/ht212528

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30684

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30671

Trust: 0.1

url:https://support.apple.com/ht212530.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30673

Trust: 0.1

url:https://support.apple.com/ht212531.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30690

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30709

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30708

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30698

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30699

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://support.apple.com/ht212528.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30674

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23841

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30667

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30663

Trust: 0.1

url:https://support.apple.com/ht212532.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30665

Trust: 0.1

url:https://support.apple.com/ht212533.

Trust: 0.1

sources: VULHUB: VHN-390420 // VULMON: CVE-2021-30687 // JVNDB: JVNDB-2021-013551 // PACKETSTORM: 162820 // PACKETSTORM: 162821 // PACKETSTORM: 162823 // PACKETSTORM: 162825 // PACKETSTORM: 162827 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-1553 // NVD: CVE-2021-30687

CREDITS

Apple

Trust: 0.5

sources: PACKETSTORM: 162820 // PACKETSTORM: 162821 // PACKETSTORM: 162823 // PACKETSTORM: 162825 // PACKETSTORM: 162827

SOURCES

db: VULHUB, id: VHN-390420
db: VULMON, id: CVE-2021-30687
db: JVNDB, id: JVNDB-2021-013551
db: PACKETSTORM, id: 162820
db: PACKETSTORM, id: 162821
db: PACKETSTORM, id: 162823
db: PACKETSTORM, id: 162825
db: PACKETSTORM, id: 162827
db: CNNVD, id: CNNVD-202104-975
db: CNNVD, id: CNNVD-202105-1553
db: NVD, id: CVE-2021-30687

LAST UPDATE DATE

2024-08-14T12:42:28.514000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-390420, date: 2021-09-17T00:00:00
db: VULMON, id: CVE-2021-30687, date: 2021-09-17T00:00:00
db: JVNDB, id: JVNDB-2021-013551, date: 2022-09-15T07:54:00
db: CNNVD, id: CNNVD-202104-975, date: 2021-04-14T00:00:00
db: CNNVD, id: CNNVD-202105-1553, date: 2021-09-18T00:00:00
db: NVD, id: CVE-2021-30687, date: 2021-09-17T21:27:08.367

SOURCES RELEASE DATE

db: VULHUB, id: VHN-390420, date: 2021-09-08T00:00:00
db: VULMON, id: CVE-2021-30687, date: 2021-09-08T00:00:00
db: JVNDB, id: JVNDB-2021-013551, date: 2022-09-15T00:00:00
db: PACKETSTORM, id: 162820, date: 2021-05-26T17:46:02
db: PACKETSTORM, id: 162821, date: 2021-05-26T17:46:16
db: PACKETSTORM, id: 162823, date: 2021-05-26T17:48:03
db: PACKETSTORM, id: 162825, date: 2021-05-26T17:50:13
db: PACKETSTORM, id: 162827, date: 2021-05-26T17:50:55
db: CNNVD, id: CNNVD-202104-975, date: 2021-04-13T00:00:00
db: CNNVD, id: CNNVD-202105-1553, date: 2021-05-25T00:00:00
db: NVD, id: CVE-2021-30687, date: 2021-09-08T15:15:14.610