Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAppleCVELIST:CVE-2021-30737
HistorySep 08, 2021 - 1:43 p.m.

CVE-2021-30737

2021-09-0813:43:42
apple
www.cve.org
6
memory corruption
asn.1 decoder
apple products
security update
arbitrary code execution

AI Score

8.7

Confidence

High

EPSS

0.004

Percentile

73.1%

JSON

A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted certificate may lead to arbitrary code execution.

CNA Affected

[
  {
    "product": "iOS and iPadOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "14.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "11.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "2021",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "2021",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "14.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "7.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "12.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

googleprojectzero 4
prion 1
nvd 1
cve 1
apple 7
nessus 3
thn 1
openvas 1
googleprojectzero
googleprojectzero
FORCEDENTRY: Sandbox Escape
2022-03-31 00:00:00
CVE-2021-30737, @xerub's 2021 iOS ASN.1 Vulnerability
2022-04-07 00:00:00
CVE-2021-1782, an iOS in-the-wild vulnerability in vouchers
2022-04-14 00:00:00
prion
prion
Memory corruption
2021-09-08 14:15:00
nvd
nvd
CVE-2021-30737
2021-09-08 14:15:09
cve
cve
CVE-2021-30737
2021-09-08 14:15:09
apple
apple
About the security content of iOS 12.5.4
2021-06-14 00:00:00
About the security content of watchOS 7.5
2021-05-24 00:00:00
About the security content of tvOS 14.6
2021-05-24 00:00:00
nessus
nessus
Apple iOS < 12.5.4 Multiple Vulnerabilities (HT212548)
2021-06-17 00:00:00
Apple TV < 14.6 Multiple Vulnerabilities
2021-05-27 00:00:00
macOS 11.x < 11.4 (HT212529)
2021-05-26 00:00:00
thn
thn
Apple Issues Urgent Patches for 2 Zero-Day Flaws Exploited in the Wild
2021-06-15 03:32:00
openvas
openvas
Apple Mac OS X Security Update (HT212529)
2022-09-01 00:00:00

AI Score

8.7

Confidence

High

EPSS

0.004

Percentile

73.1%

JSON
Related for CVELIST:CVE-2021-30737
googleprojectzero4prion1nvd1cve1apple7nessus3thn1openvas1