CVE-2021-30854 — Apple IOS AND Ipados vulnerability

4 documents2 sources

Severity

8.6HIGHNVD

EPSS

0.3%

top 48.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Tvos Apple Watchos +4 more

Timeline

PublishedAug 24

Latest updateSep 20

Description

A logic issue was addressed with improved state management. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A sandboxed process may be able to circumvent sandbox restrictions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:NExploitability: 3.9 | Impact: 4.0

Affected Packages10 packages

▶CVEListV5apple/tvosunspecified — 15

▶NVDapple/tvos< 15.0

▶NVDapple/ipados< 15.0

▶CVEListV5apple/watchosunspecified — 8

▶NVDapple/watchos< 8.0

📋Vendor Advisories

Apple

CVE-2021-30854: iOS 15 and iPadOS 15↗2021-09-20

▶

Apple

CVE-2021-30854: tvOS 15↗2021-09-20

▶

Apple

CVE-2021-30854: watchOS 8↗2021-09-20

▶