| Vulnerability Name: | CVE-2021-30770 (CCN-206139) | ||||||||||||
| Assigned: | 2021-07-21 | ||||||||||||
| Published: | 2021-07-21 | ||||||||||||
| Updated: | 2021-09-15 | ||||||||||||
| Summary: | A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. | ||||||||||||
| CVSS v3 Severity: | 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) 4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-287 | ||||||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2021-30770 Source: XF Type: UNKNOWN apple-watchos-cve202130770-sec-bypass(206139) Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT212601 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT212604 Source: CCN Type: Apple security document HT212605 About the security content of watchOS 7.6 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT212605 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||