Details of VAR-202109-1411

ID

VAR-202109-1411

CVE

CVE-2021-30787

TITLE

macOS Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-013667

DESCRIPTION

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to cause unexpected system termination or write kernel memory. macOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the AppleIntelKBLGraphics kext. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Apple macOS Big Sur is a mobile application APP of Apple (Apple). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-07-21-2 macOS Big Sur 11.5 macOS Big Sur 11.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212602. AMD Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2021-30805: ABC Research s.r.o AppKit Available for: macOS Big Sur Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2021-30790: hjy79425575 working with Trend Micro Zero Day Initiative Audio Available for: macOS Big Sur Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30781: tr3e AVEVideoEncoder Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2021-30748: George Nosenko CoreAudio Available for: macOS Big Sur Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2021-30775: JunDong Xie of Ant Security Light-Year Lab CoreAudio Available for: macOS Big Sur Impact: Playing a malicious audio file may lead to an unexpected application termination Description: A logic issue was addressed with improved validation. CVE-2021-30776: JunDong Xie of Ant Security Light-Year Lab CoreGraphics Available for: macOS Big Sur Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A race condition was addressed with improved state handling. CVE-2021-30786: ryuzaki CoreServices Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: This issue was addressed with improved checks. CVE-2021-30772: Zhongcheng Li (CK01) CoreServices Available for: macOS Big Sur Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with improved access restrictions. CVE-2021-30783: Ron Waisberg (@epsilan) CoreStorage Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: An injection issue was addressed with improved validation. CVE-2021-30777: Tim Michaud(@TimGMichaud) of Zoom Video Communications and Gary Nield of ECSC Group plc CoreText Available for: macOS Big Sur Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30789: Mickey Jin (@patch1t) of Trend Micro, Sunglin of Knownsec 404 team Crash Reporter Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2021-30774: Yizhuo Wang of Group of Software Security In Progress (G.O.S.S.I.P) at Shanghai Jiao Tong University CVMS Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30780: Tim Michaud(@TimGMichaud) of Zoom Video Communications dyld Available for: macOS Big Sur Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved validation. CVE-2021-30768: Linus Henze (pinauten.de) FontParser Available for: macOS Big Sur Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An integer overflow was addressed through improved input validation. CVE-2021-30760: Sunglin of Knownsec 404 team FontParser Available for: macOS Big Sur Impact: Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents Description: This issue was addressed with improved checks. CVE-2021-30788: tr3e working with Trend Micro Zero Day Initiative FontParser Available for: macOS Big Sur Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A stack overflow was addressed with improved input validation. CVE-2021-30759: hjy79425575 working with Trend Micro Zero Day Initiative Identity Services Available for: macOS Big Sur Impact: A malicious application may be able to access a user’s recent Contacts Description: A permissions issue was addressed with improved validation. CVE-2021-30803: Csaba Fitzl (@theevilbit) of Offensive Security ImageIO Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30779: Jzhu, Ye Zhang(@co0py_Cat) of Baidu Security ImageIO Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2021-30785: CFF of Topsec Alpha Team, Mickey Jin (@patch1t) of Trend Micro Intel Graphics Driver Available for: macOS Big Sur Impact: An application may be able to cause unexpected system termination or write kernel memory Description: This issue was addressed with improved checks. CVE-2021-30787: Anonymous working with Trend Micro Zero Day Initiative Intel Graphics Driver Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-30766: Liu Long of Ant Security Light-Year Lab CVE-2021-30765: Liu Long of Ant Security Light-Year Lab IOKit Available for: macOS Big Sur Impact: A local attacker may be able to execute code on the Apple T2 Security Chip Description: Multiple issues were addressed with improved logic. CVE-2021-30784: George Nosenko Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved state management. CVE-2021-30793: Zuozhi Fan (@pattern_F_) of Ant Security TianQiong Lab Kext Management Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: This issue was addressed with improved entitlements. CVE-2021-30778: Csaba Fitzl (@theevilbit) of Offensive Security libxml2 Available for: macOS Big Sur Impact: A remote attacker may be able to cause arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-3518 Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to a denial of service Description: A logic issue was addressed with improved validation. CVE-2021-30796: Mickey Jin (@patch1t) of Trend Micro Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-30792: Anonymous working with Trend Micro Zero Day Initiative Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted file may disclose user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30791: Anonymous working with Trend Micro Zero Day Initiative Sandbox Available for: macOS Big Sur Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved checks. CVE-2021-30782: Csaba Fitzl (@theevilbit) of Offensive Security TCC Available for: macOS Big Sur Impact: A malicious application may be able to bypass certain Privacy preferences Description: A logic issue was addressed with improved state management. CVE-2021-30798: Mickey Jin (@patch1t) of Trend Micro WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved state handling. CVE-2021-30758: Christoph Guttandin of Media Codings WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-30795: Sergei Glazunov of Google Project Zero WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to code execution Description: This issue was addressed with improved checks. CVE-2021-30797: Ivan Fratric of Google Project Zero WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2021-30799: Sergei Glazunov of Google Project Zero Additional recognition configd We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. CoreText We would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for their assistance. crontabs We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. Sandbox We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. Spotlight We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. Installation note: This update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmD4r8YACgkQZcsbuWJ6 jjAHog//cJsC4OL9lXnFSg2S4cf/eiIPNiUv4T2I5DvDFsmeUGF0hXsfKkOgNw+9 Mp4qW/3mzVDoB5nQpyjRie/zGNsmpEKLThakL7z9mJs+lYWhBJOJEZMlZqLD/7hZ dtBG2K28Ffw7ATeivEVtIY8LbAbPbwQqDd0HpUgtnJH6SWKL+9n4ZnppR8jJWmwi ltopPIMfzwzon0CejZU+SY2Kfpb5DnerNpthH6idTkgt8btqwoscKzmcvu0Ek8bh aq/0Mv/RbyUw8WIEZuPFICX+4yPVb/WiVFRVTGOiP/97EibqLGrQceiczBPJTfe4 D2aafbG+eyVMujjVMDPs1/q3T1GEZHBmETj7Pqigar/ymSfJfwnwYdhpPyYbffY7 iwUxvH5HFDeiotlMELeqdx/2sIVtMrx8IEtnaofevOcY1BP2gmQR+G849B0Rixn1 phCMK38NMp+jrWpdgx4MwO23puMBDWyRZdWn+dygwG3cPnr9/hdTOKB1B1wgpuys 3R5DbmSkOVWmtq+bumEafkywH7bA04SX9R7+jNwtXfEE82ToMJmEvLR5/PmCiMDM N22My4OWcjOjX8AT8wA732Vi6J2qytxMbkIupa794fy9Oea2WTPlFwcw1YKhP4NO Mvs1tHLJb/hwxc1Nyi4ojPZNYKNn6Gs/E16VEQt+X33bX3vU18E= =fuQ1 -----END PGP SIGNATURE-----

Trust: 3.24

sources: NVD: CVE-2021-30787 // JVNDB: JVNDB-2021-013667 // ZDI: ZDI-21-944 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390520 // VULMON: CVE-2021-30787 // PACKETSTORM: 163646 // PACKETSTORM: 163647 // PACKETSTORM: 163649

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	lte	version:	10.15.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.14	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.15	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lte	version:	10.14.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.14.6	Trust: 1.0
vendor:	アップル	model:	apple mac os x	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	macos	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-21-944 // JVNDB: JVNDB-2021-013667 // NVD: CVE-2021-30787

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-30787
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-30787
value:	HIGH
Trust: 0.8
ZDI:	CVE-2021-30787
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202107-1667
value:	HIGH
Trust: 0.6
VULHUB:	VHN-390520
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-30787
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-390520
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-30787
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2021-30787
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2021-30787
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.1
impactScore:	6.0
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-21-944 // VULHUB: VHN-390520 // JVNDB: JVNDB-2021-013667 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1667 // NVD: CVE-2021-30787

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-013667 // NVD: CVE-2021-30787

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202107-1667

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:	HT212602 Apple Security update	url:	https://support.apple.com/en-us/HT212600	Trust: 0.8
title:	Apple has issued an update to correct this vulnerability.	url:	https://support.apple.com/HT212602	Trust: 0.7
title:	Apple macOS Big Sur Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=158812	Trust: 0.6

sources: ZDI: ZDI-21-944 // JVNDB: JVNDB-2021-013667 // CNNVD: CNNVD-202107-1667

EXTERNAL IDS

db:	NVD	id:	CVE-2021-30787	Trust: 4.4
db:	ZDI	id:	ZDI-21-944	Trust: 1.3
db:	JVNDB	id:	JVNDB-2021-013667	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-13479	Trust: 0.7
db:	CNNVD	id:	CNNVD-202107-1667	Trust: 0.7
db:	PACKETSTORM	id:	163646	Trust: 0.7
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2490	Trust: 0.6
db:	CS-HELP	id:	SB2021072231	Trust: 0.6
db:	CS-HELP	id:	SB2021072219	Trust: 0.6
db:	CNVD	id:	CNVD-2021-102841	Trust: 0.1
db:	VULHUB	id:	VHN-390520	Trust: 0.1
db:	VULMON	id:	CVE-2021-30787	Trust: 0.1
db:	PACKETSTORM	id:	163647	Trust: 0.1
db:	PACKETSTORM	id:	163649	Trust: 0.1

sources: ZDI: ZDI-21-944 // VULHUB: VHN-390520 // VULMON: CVE-2021-30787 // JVNDB: JVNDB-2021-013667 // PACKETSTORM: 163646 // PACKETSTORM: 163647 // PACKETSTORM: 163649 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1667 // NVD: CVE-2021-30787

REFERENCES

url:	https://support.apple.com/en-us/ht212602	Trust: 2.3
url:	https://support.apple.com/en-us/ht212600	Trust: 1.7
url:	https://support.apple.com/en-us/ht212603	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30787	Trust: 1.1
url:	https://support.apple.com/ht212602	Trust: 0.7
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072219	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-35970	Trust: 0.6
url:	https://www.zerodayinitiative.com/advisories/zdi-21-944/	Trust: 0.6
url:	https://packetstormsecurity.com/files/163646/apple-security-advisory-2021-07-21-2.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072231	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2490	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30781	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30777	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30790	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30788	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30766	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30765	Trust: 0.3
url:	https://support.apple.com/downloads/	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30780	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30759	Trust: 0.3
url:	https://www.apple.com/support/security/pgp/	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30782	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30760	Trust: 0.3
url:	https://support.apple.com/kb/ht201222	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30783	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30768	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30776	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30789	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30775	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30785	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30799	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30793	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30733	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30672	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30805	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30703	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30677	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30796	Trust: 0.2
url:	http://seclists.org/fulldisclosure/2021/jul/56	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30791	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30772	Trust: 0.1
url:	https://support.apple.com/ht212602.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30786	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30748	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30779	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30758	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30774	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30784	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30778	Trust: 0.1
url:	https://support.apple.com/ht212600.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30731	Trust: 0.1
url:	https://support.apple.com/ht212603.	Trust: 0.1

CREDITS

Anonymous

Trust: 1.3

sources: ZDI: ZDI-21-944 // CNNVD: CNNVD-202107-1667

SOURCES

db:	ZDI	id:	ZDI-21-944
db:	VULHUB	id:	VHN-390520
db:	VULMON	id:	CVE-2021-30787
db:	JVNDB	id:	JVNDB-2021-013667
db:	PACKETSTORM	id:	163646
db:	PACKETSTORM	id:	163647
db:	PACKETSTORM	id:	163649
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202107-1667
db:	NVD	id:	CVE-2021-30787

LAST UPDATE DATE

2024-08-14T12:24:20.474000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-944	date:	2021-08-05T00:00:00
db:	VULHUB	id:	VHN-390520	date:	2021-09-15T00:00:00
db:	JVNDB	id:	JVNDB-2021-013667	date:	2022-09-21T07:49:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202107-1667	date:	2021-09-16T00:00:00
db:	NVD	id:	CVE-2021-30787	date:	2021-09-15T20:09:29.947

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-944	date:	2021-08-05T00:00:00
db:	VULHUB	id:	VHN-390520	date:	2021-09-08T00:00:00
db:	JVNDB	id:	JVNDB-2021-013667	date:	2022-09-21T00:00:00
db:	PACKETSTORM	id:	163646	date:	2021-07-23T15:30:22
db:	PACKETSTORM	id:	163647	date:	2021-07-23T15:30:33
db:	PACKETSTORM	id:	163649	date:	2021-07-23T15:31:52
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202107-1667	date:	2021-07-21T00:00:00
db:	NVD	id:	CVE-2021-30787	date:	2021-09-08T14:15:11.307