PT-2021-4697 · Apple · iPadOS+3
Published: 2021-07-26 · Updated: 2025-10-23
CVE-2021-30807
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
macOS versions prior to 11.5.1
iOS versions prior to 14.7.1
iPadOS versions prior to 14.7.1
watchOS versions prior to 7.6.1
Description
The issue is a memory corruption flaw within the IOMobileFramebuffer extension of the operating system kernel. This flaw stems from out-of-bounds write operations in memory handling. Successful exploitation of this issue could allow an attacker to execute arbitrary code with kernel privileges. Apple has reported that this issue may have been actively exploited. The vulnerability affects the AppleCLCD component and involves the IOConnectCallScalarMethod function.
Recommendations
macOS versions prior to 11.5.1: Update to version 11.5.1 or later.
iOS versions prior to 14.7.1: Update to version 14.7.1 or later.
iPadOS versions prior to 14.7.1: Update to version 14.7.1 or later.
watchOS versions prior to 7.6.1: Update to version 7.6.1 or later.
Exploit
Fix
Buffer Overflow
Memory Corruption
Related Identifiers
Affected Products
Apple macOS
iOS
iPadOS
watchOS