CVE-2021-30992
CVE-2021-30992
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
24 Aug 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
This issue was addressed with improved handling of file metadata. This issue is fixed in iOS 15.2 and iPadOS 15.2. A user in a FaceTime call may unexpectedly leak sensitive user information through Live Photos metadata.
Affected products
Apple · iOS and iPadOSReferences
https://support.apple.com/en-us/HT212976