← back
CVE-2021-30737

CVE-2021-30737

EPSS 1.5%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
08 Sep 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted certificate may lead to arbitrary code execution.
Affected products
Apple · iOS and iPadOSApple · macOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.apple.com/en-us/HT212528https://support.apple.com/en-us/HT212529https://support.apple.com/en-us/HT212530https://support.apple.com/en-us/HT212531https://support.apple.com/en-us/HT212532https://support.apple.com/en-us/HT212533https://support.apple.com/en-us/HT212548