PT-2021-13587 · Apple · Apple Macos

Published

2021-02-09

Updated

2021-05-04

CVE-2021-1805

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.2.1 macOS Catalina versions prior to 10.15.7 Supplemental Update macOS Mojave versions prior to 10.14.6 Security Update 2021-002

Description: An out-of-bounds write issue was addressed with improved input validation, allowing an application to potentially execute arbitrary code with kernel privileges.

Recommendations: For macOS versions prior to 11.2.1, update to macOS Big Sur 11.2.1. For macOS Catalina versions prior to 10.15.7 Supplemental Update, apply the macOS Catalina 10.15.7 Supplemental Update. For macOS Mojave versions prior to 10.14.6 Security Update 2021-002, apply the macOS Mojave 10.14.6 Security Update 2021-002.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2021-1805

ZDI-21-196

ZDI-21-199

ZDI-21-202

Affected Products

Apple Macos

PT-2021-13587 · Apple · Apple Macos

CVE-2021-1805

Weakness Enumeration

Related Identifiers

Affected Products

References · 12