CVE-2021-30871Apple Macos vulnerability

3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 73.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple IOSApple MacosApple Iphone OS+1 more
Timeline
PublishedAug 24

Description

This issue was addressed with a new entitlement. This issue is fixed in iOS 14.7, watchOS 7.6, macOS Big Sur 11.5. A local attacker may be able to access analytics data.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

CVEListV5apple/macosunspecified11.5+1
NVDapple/macos< 11.5
NVDapple/watchos< 7.6
CVEListV5apple/iosunspecified14.7
NVDapple/iphone_os< 14.7

🔴Vulnerability Details

1
CVEList
CVE-2021-30871: This issue was addressed with a new entitlement2021-08-24

📋Vendor Advisories

1
Apple
CVE-2021-30871: iOS 14.7 and iPadOS 14.7
CVE-2021-30871 — Apple Macos vulnerability | cvebase