CVE-2021-30942

EPSS 1.5%

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 1.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

24 ago 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution.

Productos afectados

Apple · iOS and iPadOS Apple · macOS Apple · watchOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/165559/Apple-ColorSync-Out-Of-Bounds-Read.html https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 https://support.apple.com/en-us/HT212980 https://support.apple.com/en-us/HT212981