Apple Watchos 8 vulnerabilities

CVE-2021-30831 [MEDIUM] CVE-2021-30831: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30831 Component: FontParser Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30884 [MEDIUM] CVE-2021-30884: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30884 Component: WebKit Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: The issue was resolved with additional restrictions on CSS compositing.

CVE-2021-30811 [MEDIUM] CVE-2021-30811: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30811 Component: AppleMobileFileIntegrity Impact: A local attacker may be able to read sensitive information Description: This issue was addressed with improved checks.

CVE-2021-30823 [MEDIUM] CVE-2021-30823: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30823 Component: WebKit Impact: An attacker in a privileged network position may be able to bypass HSTS Description: A logic issue was addressed with improved restrictions.

CVE-2021-30855 [MEDIUM] CVE-2021-30855: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30855 Component: Preferences Impact: An application may be able to access restricted files Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.

CVE-2021-30836 [MEDIUM] CVE-2021-30836: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30836 Component: WebKit Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30808 [MEDIUM] CVE-2021-30808: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30808 Component: Sandbox Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed with improved checks.

CVE-2013-0340 [MEDIUM] CVE-2013-0340: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2013-0340 Component: Kernel Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking.

CVE-2021-30810 [MEDIUM] CVE-2021-30810: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30810 Component: Wi-Fi Impact: An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup Description: An authorization issue was addressed with improved state management.

CVE-2021-30866 [MEDIUM] CVE-2021-30866: watchOS 8 Apple Security Update: About the security content of watchOS 8 Product: watchOS 8 CVE: CVE-2021-30866 Component: AppleMobileFileIntegrity Impact: A local attacker may be able to read sensitive information Description: This issue was addressed with improved checks.