Vulnerability CVE-2021-30663

Vulnerability CVE-2021-30663

Published: 2021-09-08

Description:

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution.

Type:

CWE-190

(Integer Overflow or Wraparound)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Apple -> Macos
Apple -> Safari
Apple -> Ipados
Apple -> Iphone os
Apple -> TVOS

References:

https://support.apple.com/en-us/HT212341

https://support.apple.com/en-us/HT212534

https://support.apple.com/en-us/HT212336

https://support.apple.com/en-us/HT212532

https://support.apple.com/en-us/HT212335

Copyright 2024, cxsecurity.com