CVE-2021-30983
Published 2021-08-24
Priority P2 · 77 · high · 7.8 (CVSS 3.1)
AV:L / AC:L / PR:N / UI:R / S:U / C:H / I:H / A:H
KEV · ITW
CISA Known Exploited Vulnerability, due 2022-07-18
Exploited in the wild
EPSS: 2.93% (85.4th percentile)
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_and_ipados | >= unspecified < 15.2 | 15.2 |
| apple | ipados | < 15.2 | 15.2 |
| apple | iphone_os | < 15.2 | 15.2 |
CVSS provenance
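| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 9.3 | CRITICAL | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| vulncheck | | 7.8 | HIGH | |
| cisa | | 7.8 | HIGH | |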
Project0
The curious tale of a fake Carrier.app - Project Zero
project_zero·2022-06-01·CVSS 7.8
CVE-2021-30983 [HIGH] The curious tale of a fake Carrier.app - Project Zero
Posted by Ian Beer, Google Project Zero
NOTE: This issue, CVE-2021-30983, was fixed in iOS 15.2 in December 2021.
Towards the end of 2021 Google's Threat Analysis Group (TAG) shared an iPhone app with me:
[Image: App splash screen showing the Vodafone carrier logo and the text "My Vodafone" (not the legitimate Vodafone app)]
Although this looks like the real My Vodafone carrier app available in the App Store, it didn't come from the App Store and is not the real application from Vodafone. TAG suspects that a target receives a link to this app in an SMS, after the attacker asks the carrier to disable the target's mobile data connection. The SMS claims that in order to restore mobile data connectivity, the target must install the carrier app and includes a link to download and i
Project0
2022 0-day In-the-Wild Exploitation…so far - Project Zero
project_zero·2022-06-01·CVSS 8.8
CVE-2016-5128 [HIGH] 2022 0-day In-the-Wild Exploitation…so far - Project Zero
Posted by Maddie Stone, Google Project Zero
This blog post is an overview of a talk, “0-day In-the-Wild Exploitation in 2022…so far”, that I gave at the FIRST conference in June 2022. The slides are available here.
For the last three years, we’ve published annual year-in-review reports of 0-days found exploited in the wild. The most recent of these reports is the 2021 Year in Review report, which we published just a few months ago in April. While we plan to stick with that annual cadence, we’re publishing a little bonus report today looking at the in-the-wild 0-days detected and disclosed in the first half of 2022.
As of June 15, 2022, there have been 18 0-days detected and disclosed as exploited in-the-wild in 2022. When we analyzed those 0-days, we found that at least nin
VulnCheck
Apple iOS and iPadOS Buffer Overflow Vulnerability
vulncheck·2021·CVSS 7.8
CVE-2021-30983 [HIGH] CWE-119 Apple iOS and iPadOS Buffer Overflow Vulnerability
Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.
Affected: Apple iOS and iPadOS
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://blog.google/threat-analysis-group/italian-spyware-vendor-targets-users-in-italy-and-kazakhstan/; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors.pdf
Remediation Due: 2022-07-18
CISA
Apple iOS and iPadOS Buffer Overflow Vulnerability
cisa·2022-06-27·CVSS 7.8
CVE-2021-30983 [HIGH] CWE-119 Apple iOS and iPadOS Buffer Overflow Vulnerability
Vulnerability: Apple iOS and iPadOS Buffer Overflow Vulnerability
Affected: Apple iOS and iPadOS
Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-30983
Remediation Due Date: 2022-07-18
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-08-24: Published
2022-06-27: Added to CISA KEV
Exploited in the wild