PT-2021-18804 · Apple · Ios+3

Ck01

Published

2021-05-24

Updated

2021-09-20

CVE-2021-30681

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions macOS versions prior to Big Sur 11.4 iOS versions prior to 14.6 iPadOS versions prior to 14.6 watchOS versions prior to 7.5

Description A validation issue existed in the handling of symlinks, which has been addressed with improved validation. This could have allowed a malicious application to gain root privileges.

Recommendations For macOS versions prior to Big Sur 11.4, update to macOS Big Sur 11.4 or later. For iOS versions prior to 14.6, update to iOS 14.6 or later. For iPadOS versions prior to 14.6, update to iPadOS 14.6 or later. For watchOS versions prior to 7.5, update to watchOS 7.5 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2021-30681

Affected Products

Apple Macos

Ios

Ipados

Watchos

PT-2021-18804 · Apple · Ios+3

CVE-2021-30681

Weakness Enumeration

Related Identifiers

Affected Products

References · 9