Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.MACOS_HT212872.NASL
HistoryOct 29, 2021 - 12:00 a.m.

macOS 11.x < 11.6.1 (HT212872)

2021-10-2900:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
63
JSON

The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.6.1 Big Sur. It is, therefore, affected by multiple vulnerabilities including the following:

  • A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges. (CVE-2021-30899)

  • A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1.
    Processing a maliciously crafted image may lead to arbitrary code execution. (CVE-2021-30917)

  • An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted PDF may lead to arbitrary code execution. (CVE-2021-30919)

Note that Nessus has not tested for these issues but has instead relied only on the operating system’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(154717);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/25");

  script_cve_id(
    "CVE-2021-30821",
    "CVE-2021-30824",
    "CVE-2021-30868",
    "CVE-2021-30876",
    "CVE-2021-30877",
    "CVE-2021-30879",
    "CVE-2021-30880",
    "CVE-2021-30881",
    "CVE-2021-30883",
    "CVE-2021-30892",
    "CVE-2021-30899",
    "CVE-2021-30901",
    "CVE-2021-30906",
    "CVE-2021-30907",
    "CVE-2021-30908",
    "CVE-2021-30909",
    "CVE-2021-30910",
    "CVE-2021-30911",
    "CVE-2021-30912",
    "CVE-2021-30913",
    "CVE-2021-30915",
    "CVE-2021-30916",
    "CVE-2021-30917",
    "CVE-2021-30919"
  );
  script_xref(name:"APPLE-SA", value:"HT212872");
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2021-10-26-4");
  script_xref(name:"IAVA", value:"2021-A-0505-S");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/13");

  script_name(english:"macOS 11.x < 11.6.1 (HT212872)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a macOS security update.");
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.6.1 Big Sur. It is, therefore,
affected by multiple vulnerabilities including the following:

  - A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1,
    Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute
    arbitrary code with kernel privileges. (CVE-2021-30899)

  - A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with
    improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS
    14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1.
    Processing a maliciously crafted image may lead to arbitrary code execution. (CVE-2021-30917)

  - An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.1 and
    iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update
    2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted PDF may lead to arbitrary code
    execution. (CVE-2021-30919)

Note that Nessus has not tested for these issues but has instead relied only on the operating system's self-reported
version number.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT212872");
  script_set_attribute(attribute:"solution", value:
"Upgrade to macOS 11.6.1 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-30916");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-30919");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/10/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/10/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/10/29");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:macos");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_ports("Host/MacOSX/Version", "Host/local_checks_enabled", "Host/MacOSX/packages/boms");

  exit(0);
}
include('vcf.inc');
include('vcf_extras_apple.inc');

var app_info = vcf::apple::macos::get_app_info();
var constraints = [{'min_version': '11.0', 'fixed_version': '11.6.1', 'fixed_display': 'macOS Big Sur 11.6.1'}];

vcf::apple::macos::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_HOLE
);
VendorProductVersionCPE
applemac_os_xcpe:/o:apple:mac_os_x
applemacoscpe:/o:apple:macos

References

Related

nessus 5
openvas 3
apple 10
malwarebytes 4
prion 24
cve 24
zdi 2
attackerkb 1
thn 6
cisa 1
threatpost 4
cisa_kev 1
mmpc 1
mssecure 2
trellix 2
krebs 1
qualysblog 1
googleprojectzero 1
nessus
nessus
macOS 10.15.x < Catalina Security Update 2021-007 Catalina (HT212871)
2021-11-01 00:00:00
macOS 12.x < 12.0.1 (HT212869)
2021-10-29 00:00:00
Apple iOS < 14.8.1 Multiple Vulnerabilities (HT212868)
2021-10-29 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT212872)
2021-10-28 00:00:00
Apple Mac OS X Security Update (HT212147)HT212871
2021-10-28 00:00:00
Apple Mac OS X Security Update (HT212869)
2022-09-22 00:00:00
apple
apple
About the security content of macOS Big Sur 11.6.1
2021-10-25 00:00:00
About the security content of Security Update 2021-007 Catalina
2021-10-25 00:00:00
About the security content of iOS 14.8.1 and iPadOS 14.8.1
2021-10-26 00:00:00
malwarebytes
malwarebytes
Update now! Apple patches bugs in iOS and iPadOS
2021-10-27 12:23:08
Update now! Apple patches another actively used zero-day
2022-01-27 21:56:12
Hermit spyware is deployed with the help of a victim’s ISP
2022-06-29 10:03:54
prion
prion
Race condition
2021-08-24 19:15:00
Memory corruption
2021-08-24 19:15:00
Memory corruption
2021-10-28 19:15:00
cve
cve
CVE-2021-30880
2021-08-24 19:15:00
CVE-2021-30913
2021-08-24 19:15:00
CVE-2021-30901
2021-08-24 19:15:00
zdi
zdi
Apple macOS ModelIO ABC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2021-11-30 00:00:00
Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2022-02-16 00:00:00
attackerkb
attackerkb
CVE-2021-30883
2021-08-24 00:00:00
thn
thn
New 'Shrootless' Bug Could Let Attackers Install Rootkit on macOS Systems
2021-10-29 11:03:00
Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security
2021-12-24 13:07:00
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
2023-05-31 11:57:00
cisa
cisa
Apple Releases Security Update to Address CVE-2021-30883
2021-10-12 00:00:00
threatpost
threatpost
Apple Patches Critical iOS Bugs; One Under Attack
2021-10-27 16:14:24
Apple macOS Flaw Allows Kernel-Level Compromise
2021-11-02 15:50:51
Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug
2021-10-12 15:17:38
cisa_kev
cisa_kev
Apple Multiple Products Memory Corruption Vulnerability
2022-05-23 00:00:00
mmpc
mmpc
Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection
2021-10-28 16:00:13
mssecure
mssecure
Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection
2021-10-28 16:00:13
New macOS vulnerability, Migraine, could bypass System Integrity Protection
2023-05-30 16:00:00
trellix
trellix
The Bug Report – October Edition
2021-11-02 00:00:00
The Bug Report – October Edition
2021-11-02 00:00:00
krebs
krebs
Patch Tuesday, October 2021 Edition
2021-10-12 19:52:09
qualysblog
qualysblog
Apple fixes zero-day in iOS and iPadOS 15.0.2 emergency release: Detect and Prioritize Vulnerabilities using VMDR for Mobile Devices
2021-10-18 07:41:18
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00
JSON
Related for MACOS_HT212872.NASL
nessus5openvas3apple10malwarebytes4prion24cve24zdi2attackerkb1thn6cisa1threatpost4cisa_kev1mmpc1mssecure2trellix2krebs1qualysblog1googleprojectzero1