PT-2021-19043 · Apple · Tvos+3

Csaba Fitzl

Published

2021-07-21

Updated

2022-05-31

CVE-2021-31006

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions watchOS versions prior to 7.6 tvOS versions prior to 14.7 macOS Big Sur versions prior to 11.5

Description A permissions issue was addressed with improved validation, which may allow a malicious application to bypass certain Privacy preferences.

Recommendations For watchOS versions prior to 7.6, update to watchOS 7.6 to resolve the issue. For tvOS versions prior to 14.7, update to tvOS 14.7 to resolve the issue. For macOS Big Sur versions prior to 11.5, update to macOS Big Sur 11.5 to resolve the issue.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2021-31006

Affected Products

Apple Macos

Macos Big Sur

Tvos

Watchos

PT-2021-19043 · Apple · Tvos+3

CVE-2021-31006

Weakness Enumeration

Related Identifiers

Affected Products

References · 7