PT-2021-18870 · Apple · Apple Macos+3

3Ndy1

Published

2021-07-21

Updated

2021-09-15

CVE-2021-30787

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS versions prior to 11.5 Security Update versions prior to 2021-004 on Catalina Security Update versions prior to 2021-005 on Mojave

Description The issue allows an application to potentially cause unexpected system termination or write kernel memory due to an out-of-bounds write privilege escalation. This could be exploited through the process token BindQueryStoreRegisterToMemoryList function.

Recommendations For macOS versions prior to 11.5, update to macOS Big Sur 11.5. For Catalina, apply Security Update 2021-004. For Mojave, apply Security Update 2021-005.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-30787

ZDI-21-944

Affected Products

Big Sur

Catalina

Apple Macos

Mojave

PT-2021-18870 · Apple · Apple Macos+3

CVE-2021-30787

Related Identifiers

Affected Products

References · 8