CVE-2021-30900
published 2021-08-24CVE-2021-30900: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A…
PriorityP182high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2023-04-20
Exploited in the wild
EPSS
5.20%
91.4th percentile
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A malicious application may be able to execute arbitrary code with kernel privileges.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_14.8.1_and_ipados | — | — |
| apple | ios_15.1_and_ipados | — | — |
| apple | ios_and_ipados | >= unspecified < 15.1 | 15.1 |
| apple | ios_and_ipados | >= unspecified < 14.8 | 14.8 |
| apple | ipados | < 14.8.1 | 14.8.1 |
| apple | ipados | — | — |
| apple | iphone_os | < 14.8.1 | 14.8.1 |
| apple | iphone_os | — | — |
| apple | macos | < 11.6.1 | 11.6.1 |
| apple | macos_big_sur | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability resides in GPU Drivers component; a malicious application exploiting this CVE would target GPU driver attack surface to achieve an out-of-bounds write leading to kernel-level code execution ↗
- →Affected component is GPU Drivers on iOS, iPadOS, and macOS — focus kernel/GPU driver telemetry and crash logs for anomalous out-of-bounds write activity originating from user-space applications ↗
- ·This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, confirming active in-the-wild exploitation; treat unpatched devices as high-priority ↗
- ·Fixed versions are iOS/iPadOS 14.8.1, iOS/iPadOS 15.1, and macOS Big Sur 11.6.1 — devices running earlier versions remain vulnerable ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck7.8HIGH
cisa7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
cisa·2023-03-30·CVSS 7.8
CVE-2021-30900 [HIGH] CWE-20 Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Vulnerability: Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Affected: Apple iOS, iPadOS, and macOS
Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.
Required Action: Apply updates per vendor instructions.
Notes: https://support.apple.com/en-us/HT21286, https://support.apple.com/en-us/HT212868, https://support.apple.com/kb/HT212872; https://nvd.nist.gov/vuln/detail/CVE-2021-30900
Remediation Due Date: 2023-04-20
Apple
CVE-2021-30900: iOS 14.8.1 and iPadOS 14.8.1
vendor_apple·2021-10-26·CVSS 7.8
CVE-2021-30900 [HIGH] CVE-2021-30900: iOS 14.8.1 and iPadOS 14.8.1
Apple Security Update: About the security content of iOS 14.8.1 and iPadOS 14.8.1
Product: iOS 14.8.1 and iPadOS
Version: 14.8.1
CVE: CVE-2021-30900
Component: GPU Drivers
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved bounds checking.
Apple
CVE-2021-30900: iOS 15.1 and iPadOS 15.1
vendor_apple·2021-10-25·CVSS 7.8
CVE-2021-30900 [HIGH] CVE-2021-30900: iOS 15.1 and iPadOS 15.1
Apple Security Update: About the security content of iOS 15.1 and iPadOS 15.1
Product: iOS 15.1 and iPadOS
Version: 15.1
CVE: CVE-2021-30900
Component: GPU Drivers
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved bounds checking.
Apple
CVE-2021-30900: macOS Big Sur 11.6.1
vendor_apple·2021-10-25·CVSS 7.8
CVE-2021-30900 [HIGH] CVE-2021-30900: macOS Big Sur 11.6.1
Apple Security Update: About the security content of macOS Big Sur 11.6.1
Product: macOS Big Sur
Version: 11.6.1
CVE: CVE-2021-30900
Component: GPU Drivers
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved bounds checking.
VulnCheck
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
vulncheck·2021·CVSS 7.8
CVE-2021-30900 [HIGH] CWE-20 Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.
Affected: Apple iOS, iPadOS, and macOS
Required Action: Apply updates per vendor instructions.
Exploitation References: https://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2023-04-20
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://support.apple.com/en-us/HT212867https://support.apple.com/en-us/HT212868https://support.apple.com/kb/HT212872https://support.apple.com/en-us/HT212867https://support.apple.com/en-us/HT212868https://support.apple.com/kb/HT212872https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30900
2021-08-24
Published
2023-03-30
Added to CISA KEV
Exploited in the wild