CVE-2021-30757
published 2021-09-08CVE-2021-30757: This issue was addressed by enabling hardened runtime. This issue is fixed in iMovie 10.2.4. Entitlements and privacy permissions granted to this app may be…
PriorityP420medium5.5CVSS 3.1
AVLACLPRNUIRSUCNIHAN
EPSS
0.80%
51.9th percentile
This issue was addressed by enabling hardened runtime. This issue is fixed in iMovie 10.2.4. Entitlements and privacy permissions granted to this app may be used by a malicious app.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | imovie | < 10.2.4 | 10.2.4 |
| apple | imovie | — | — |
| apple | imovie | >= unspecified < 10.2 | 10.2 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wc8m-7c87-vf87: This issue was addressed by enabling hardened runtime
ghsa_unreviewed·2022-05-24
CVE-2021-30757 [MEDIUM] GHSA-wc8m-7c87-vf87: This issue was addressed by enabling hardened runtime
This issue was addressed by enabling hardened runtime. This issue is fixed in iMovie 10.2.4. Entitlements and privacy permissions granted to this app may be used by a malicious app.
Apple
CVE-2021-30757: iMovie 10.2.4
vendor_apple·2021-06-17·CVSS 5.5
CVE-2021-30757 [MEDIUM] CVE-2021-30757: iMovie 10.2.4
Apple Security Update: About the security content of iMovie 10.2.4
Product: iMovie
Version: 10.2.4
CVE: CVE-2021-30757
Component: About Apple security updates
Impact: Entitlements and privacy permissions granted to this app may be used by a malicious app
Description: This issue was addressed by enabling hardened runtime.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-09-08
Published