cbcvebase.
CVE-2021-30900
published 2021-08-24


Priority: P182, high, 7.8 (CVSS 3.1)
Vector: AV:L / AC:L / PR:N / UI:R / S:U / C:H / I:H / A:H
KEV: CISA Known Exploited Vulnerability, due 2023-04-20
ITW: Exploited in the wild
EPSS: 5.20% (91.4th percentile)
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A malicious application may be able to execute arbitrary code with kernel privileges.

Affected

10 ranges
Vendor | Product | Version range | Fixed in
apple | ios_14.8.1_and_ipados | - | -
apple | ios_15.1_and_ipados | - | -
apple | ios_and_ipados | >= unspecified < 15.1 | 15.1
apple | ios_and_ipados | >= unspecified < 14.8 | 14.8
apple | ipados | < 14.8.1 | 14.8.1
apple | ipados | - | -
apple | iphone_os | < 14.8.1 | 14.8.1
apple | iphone_os | - | -
apple | macos | < 11.6.1 | 11.6.1
apple | macos_big_sur | - | -

Detection & IOCs (extracted from sources)

  • Vulnerability resides in GPU Drivers component; a malicious application exploiting this CVE would target GPU driver attack surface to achieve an out-of-bounds write leading to kernel-level code execution
  • Affected component is GPU Drivers on iOS, iPadOS, and macOS — focus kernel/GPU driver telemetry and crash logs for anomalous out-of-bounds write activity originating from user-space applications
  • This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, confirming active in-the-wild exploitation; treat unpatched devices as high-priority
  • Fixed versions are iOS/iPadOS 14.8.1, iOS/iPadOS 15.1, and macOS Big Sur 11.6.1 — devices running earlier versions remain vulnerable

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd | v2.0 | 9.3 | CRITICAL | AV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck | - | 7.8 | HIGH | -
cisa | - | 7.8 | HIGH | -