Apple Watchos 8 vulnerabilities

CVE-2021-30925 [CRITICAL] CVE-2021-30925: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30925 Component: Sandbox Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with improved permissions logic.

CVE-2021-30834 [HIGH] CVE-2021-30834: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30834 Component: CoreAudio Impact: Processing a malicious audio file may result in unexpected application termination or arbitrary code execution Description: A logic issue was addressed with improved state management.

CVE-2021-30851 [HIGH] CVE-2021-30851: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30851 Component: WebKit Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2021-30840 [HIGH] CVE-2021-30840: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30840 Component: FontParser Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2021-30818 [HIGH] CVE-2021-30818: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30818 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved state handling.

CVE-2021-30843 [HIGH] CVE-2021-30843: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30843 Component: FontParser Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2021-30847 [HIGH] CVE-2021-30847: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30847 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2021-30814 [HIGH] CVE-2021-30814: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30814 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2021-30842 [HIGH] CVE-2021-30842: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30842 Component: FontParser Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2021-30835 [HIGH] CVE-2021-30835: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30835 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2021-30928 [HIGH] CVE-2021-30928: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30928 Component: CoreGraphics Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2021-30882 [HIGH] CVE-2021-30882: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30882 Component: FaceTime Impact: An application with microphone permission may unexpectedly access microphone input during a FaceTime call Description: A logic issue was addressed with improved validation.

CVE-2021-30837 [HIGH] CVE-2021-30837: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30837 Component: Accessory Manager Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory consumption issue was addressed with improved memory handling.

CVE-2021-30854 [HIGH] CVE-2021-30854: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30854 Component: Preferences Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved state management.

CVE-2021-30852 [HIGH] CVE-2021-30852: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30852 Component: Foundation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling.

CVE-2021-30841 [HIGH] CVE-2021-30841: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30841 Component: FontParser Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2021-30809 [HIGH] CVE-2021-30809: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30809 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2021-30857 [HIGH] CVE-2021-30857: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30857 Component: Kernel Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking.

CVE-2021-30849 [HIGH] CVE-2021-30849: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30849 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2021-30846 [HIGH] CVE-2021-30846: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30846 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling.