CVE-2021-30757 — Apple Imovie vulnerability

3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.2%

top 51.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Imovie

Timeline

PublishedSep 8

Latest updateMay 24

Description

This issue was addressed by enabling hardened runtime. This issue is fixed in iMovie 10.2.4. Entitlements and privacy permissions granted to this app may be used by a malicious app.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5apple/imovieunspecified — 10.2

▶NVDapple/imovie< 10.2.4

▶Appleapple/imovie10.2.4

🔴Vulnerability Details

GHSA

GHSA-wc8m-7c87-vf87: This issue was addressed by enabling hardened runtime↗2022-05-24

▶

📋Vendor Advisories

Apple

CVE-2021-30757: iMovie 10.2.4↗2021-06-17

▶