CVE-2021-30863 — Apple IOS AND Ipados vulnerability

2 documents2 sources

Severity

6.8MEDIUMNVD

EPSS

0.1%

top 81.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Ipados Apple Iphone OS +1 more

Timeline

PublishedAug 24

Latest updateSep 20

Description

This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 15 and iPadOS 15. A 3D model constructed to look like the enrolled user may be able to authenticate via Face ID.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages4 packages

▶NVDapple/ipados< 15.0

▶CVEListV5apple/ios_and_ipadosunspecified — 15

▶Appleapple/ios_15_and_ipados15

▶NVDapple/iphone_os< 15.0

📋Vendor Advisories

Apple

CVE-2021-30863: iOS 15 and iPadOS 15↗2021-09-20

▶