Lucene search

K
attackerkbAttackerKBAKB:FF274F38-9A0C-47ED-97B9-57C114AB1511
HistoryApr 02, 2021 - 12:00 a.m.

CVE-2021-1879

2021-04-0200:00:00
attackerkb.com
49

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

58.5%

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited…

Recent assessments:

ccondon-r7 at March 29, 2021 4:05pm UTC reported:

This is an actively exploited zero-day in the WebKit browser engine affecting iPhone 6s and later models, as well as a slew of iPad models (and some Apple Watch versions, according to the Bleeping Computer article, though Apple’s characteristically sparse advisory makes no mention of the watch). Discovered by Google’s Threat Analysis Group, requires a user to open maliciously crafted web content. Update those iDevices, kids.

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

58.5%