PT-2021-13588 · Apple · Apple Macos
Published
2021-02-09
·
Updated
2021-05-04
·
CVE-2021-1806
CVSS v2.0
7.6
High
| Vector | AV:N/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
macOS versions prior to 11.2.1
macOS Catalina versions prior to 10.15.7 Supplemental Update
macOS Mojave versions prior to 10.14.6 Security Update 2021-002
Description:
A race condition was addressed with additional validation. This issue allows an application to potentially execute arbitrary code with kernel privileges. The issue is related to a Time-Of-Check Time-Of-Use (TOCTOU) privilege escalation vulnerability.
Recommendations:
For macOS versions prior to 11.2.1, update to macOS Big Sur 11.2.1.
For macOS Catalina versions prior to 10.15.7 Supplemental Update, apply the macOS Catalina 10.15.7 Supplemental Update.
For macOS Mojave versions prior to 10.14.6 Security Update 2021-002, apply the macOS Mojave 10.14.6 Security Update 2021-002.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos