Lucene search
Ret2systemsZDI-21-790HistoryJul 13, 2021 - 12:00 a.m.
(Pwn2Own) Apple macOS process_token_VPHAL Out-Of-Bounds Write Privilege Escalation Vulnerability
2021-07-1300:00:00
ret2systems
www.zerodayinitiative.com
32
vulnerability
apple
macos
privilege escalation
local attackers
code execution
kernel
EPSS
0.001
Percentile
47.7%
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphics kext. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
References
Related
nvd
nvd
CVE-2021-30735
2021-09-08 14:15:09
prion
prion
Out-of-bounds
2021-09-08 14:15:00
cve
cve
CVE-2021-30735
2021-09-08 14:15:09
cvelist
cvelist
CVE-2021-30735
2021-09-08 13:44:03
apple
apple
About the security content of Security Update 2021-004 Mojave
2021-05-24 00:00:00
About the security content of Security Update 2021-003 Catalina
2021-05-24 00:00:00
About the security content of macOS Big Sur 11.4
2021-05-24 00:00:00
nessus
nessus
macOS 11.x < 11.4 (HT212529)
2021-05-26 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT212529)
2022-09-01 00:00:00