Attacker Value
Unknown
(1 user assessed)
Exploitability
Unknown
(1 user assessed)
User Interaction
Required
Privileges Required
None
Attack Vector
Network
1

CVE-2021-30761

Disclosure Date: September 08, 2021
Exploited in the Wild
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..

Add Assessment

1
Technical Analysis

From what I can tell this is a memory corruption vulnerability in WebKit. WebKit vulns are commonly exploited in the wild and this one is no exception with https://support.apple.com/en-us/HT212548 noting that active exploitation in the wild has been discovered. It is a little odd that the patched version is noted as version 12.5.4 of iOS given the latest version is 14.6, but if you are still running on the 12.x branch, make sure to update to 12.5.4 to receive the patches for this vulnerability, particularly given it has a working exploit in the wild. This was likely used alongside the WebKit UAF vulnerability (see https://attackerkb.com/topics/Gyq95f2J1L/cve-2021-30762) that was patched in the same release to form a full working exploit against iOS devices.

CVSS V3 Severity and Metrics
Base Score:
8.8 High
Impact Score:
5.9
Exploitability Score:
2.8
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
Required
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Vendors

  • apple

Products

  • iphone os

Exploited in the Wild

Reported by:

Additional Info

Technical Analysis