Details of VAR-202109-1422

ID

VAR-202109-1422

CVE

CVE-2021-30764

TITLE

(0Day) Apple macOS ImageIO WEBP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Trust: 0.7

sources: ZDI: ZDI-21-893

DESCRIPTION

Processing a maliciously crafted file may lead to arbitrary code execution. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. This issue was addressed with improved checks. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.The specific flaw exists within the ImageIO framework. Crafted data in a WEBP file can trigger a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.25

sources: NVD: CVE-2021-30764 // ZDI: ZDI-21-893 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390497 // VULMON: CVE-2021-30764

AFFECTED PRODUCTS

vendor:	apple	model:	tvos	scope:	lt	version:	14.5	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lt	version:	7.4	Trust: 1.0
vendor:	apple	model:	ipados	scope:	lt	version:	14.5	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	14.5	Trust: 1.0
vendor:	apple	model:	macos	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-21-893 // NVD: CVE-2021-30764

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-30764
value:	HIGH
Trust: 1.0
ZDI:	CVE-2021-30764
value:	LOW
Trust: 0.7
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202107-1711
value:	HIGH
Trust: 0.6
VULHUB:	VHN-390497
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-30764
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-390497
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-30764
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ZDI:	CVE-2021-30764
baseSeverity:	LOW
baseScore:	3.3
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	1.4
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-21-893 // VULHUB: VHN-390497 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1711 // NVD: CVE-2021-30764

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2021-30764

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202107-1711

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:

Apple macOS Buffer error vulnerability fix

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=157432

Trust: 0.6

sources: CNNVD: CNNVD-202107-1711

EXTERNAL IDS

db:	NVD	id:	CVE-2021-30764	Trust: 2.5
db:	ZDI	id:	ZDI-21-893	Trust: 1.4
db:	ZDI_CAN	id:	ZDI-CAN-12843	Trust: 0.7
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021072243	Trust: 0.6
db:	CNNVD	id:	CNNVD-202107-1711	Trust: 0.6
db:	VULHUB	id:	VHN-390497	Trust: 0.1
db:	VULMON	id:	CVE-2021-30764	Trust: 0.1

sources: ZDI: ZDI-21-893 // VULHUB: VHN-390497 // VULMON: CVE-2021-30764 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1711 // NVD: CVE-2021-30764

REFERENCES

url:	https://support.apple.com/en-us/ht212317	Trust: 1.7
url:	https://support.apple.com/en-us/ht212323	Trust: 1.7
url:	https://support.apple.com/en-us/ht212324	Trust: 1.7
url:	https://www.zerodayinitiative.com/advisories/zdi-21-893/	Trust: 0.7
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30764	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072243	Trust: 0.6

sources: VULHUB: VHN-390497 // VULMON: CVE-2021-30764 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1711 // NVD: CVE-2021-30764

CREDITS

Anonymous

Trust: 1.3

sources: ZDI: ZDI-21-893 // CNNVD: CNNVD-202107-1711

SOURCES

db:	ZDI	id:	ZDI-21-893
db:	VULHUB	id:	VHN-390497
db:	VULMON	id:	CVE-2021-30764
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202107-1711
db:	NVD	id:	CVE-2021-30764

LAST UPDATE DATE

2024-08-14T13:03:43.708000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-893	date:	2021-07-22T00:00:00
db:	VULHUB	id:	VHN-390497	date:	2021-09-14T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202107-1711	date:	2021-09-16T00:00:00
db:	NVD	id:	CVE-2021-30764	date:	2021-09-14T19:38:39.237

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-893	date:	2021-07-22T00:00:00
db:	VULHUB	id:	VHN-390497	date:	2021-09-08T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202107-1711	date:	2021-07-22T00:00:00
db:	NVD	id:	CVE-2021-30764	date:	2021-09-08T14:15:10.380