PT-2021-18843 · Apple · Apple Macos

Csaba Fitzl

+1

·

Published

2021-04-26

·

Updated

2021-09-22

·

CVE-2021-30750

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions macOS versions prior to 11.3
Description The issue allows a malicious application to access the user's recent contacts due to insufficient permissions logic.
Recommendations For versions prior to 11.3, update to macOS Big Sur 11.3 to resolve the issue.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2021-30750

Affected Products

Apple Macos