CVE-2021-1873: An API issue in Accessibility TCC permissions was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002…

medium6.5CVSS 3.1

AVNACLPRNUIRSUCHINAN

An API issue in Accessibility TCC permissions was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to unexpectedly leak a user's credentials from secure text fields.

Affected

11 ranges

Vendor	Product	Version range	Fixed in
apple	mac_os_x	—	—
apple	mac_os_x	—	—
apple	mac_os_x	—	—
apple	mac_os_x	10.14 – 10.14.5	—
apple	mac_os_x	10.15 – 10.15.5	—
apple	macos	>= 11.0 < 11.3	11.3
apple	macos	>= unspecified < 11.3	11.3
apple	macos	>= unspecified < 2021	2021
apple	macos_big_sur	—	—
apple	security_update_2021-002_catalina	—	—
google	chrome_chrome	—	—