Details of VAR-202104-0590

ID

VAR-202104-0590

CVE

CVE-2021-1805

TITLE

Apple macOS process_token_BindQueryStoreRegisterToMemoryList Out-Of-Bounds Write Privilege Escalation Vulnerability

Trust: 1.4

sources: ZDI: ZDI-21-199 // ZDI: ZDI-21-196

DESCRIPTION

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges. macOS Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the AppleIntelKBLGraphics kext. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. There is a security vulnerability in the Intel Graphics Driver. Please keep an eye on CNNVD or the manufacturer's announcement. The specific flaw exists within the AppleIntelKBLGraphics kext. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-04-26-4 Security Update 2021-003 Mojave Security Update 2021-003 Mojave addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212327. APFS Available for: macOS Mojave Impact: A local user may be able to read arbitrary files Description: The issue was addressed with improved permissions logic. CVE-2021-1797: Thomas Tempelmann Audio Available for: macOS Mojave Impact: An application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab CFNetwork Available for: macOS Mojave Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1857: an anonymous researcher CoreAudio Available for: macOS Mojave Impact: A malicious application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab CoreGraphics Available for: macOS Mojave Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2021-1847: Xuwei Liu of Purdue University CoreText Available for: macOS Mojave Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: A logic issue was addressed with improved state management. CVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab curl Available for: macOS Mojave Impact: A remote attacker may be able to cause a denial of service Description: A buffer overflow was addressed with improved input validation. CVE-2020-8285: xnynx curl Available for: macOS Mojave Impact: An attacker may provide a fraudulent OCSP response that would appear valid Description: This issue was addressed with improved checks. CVE-2020-8286: an anonymous researcher DiskArbitration Available for: macOS Mojave Impact: A malicious application may be able to modify protected parts of the file system Description: A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks. CVE-2021-1784: Csaba Fitzl (@theevilbit) of Offensive Security, an anonymous researcher, and Mikko Kenttälä (@Turmio_) of SensorFu FontParser Available for: macOS Mojave Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1881: Hou JingYi (@hjy79425575) of Qihoo 360, an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, and Mickey Jin of Trend Micro FontParser Available for: macOS Mojave Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2020-27942: an anonymous researcher Foundation Available for: macOS Mojave Impact: A malicious application may be able to gain root privileges Description: A validation issue was addressed with improved logic. CVE-2021-1813: Cees Elzinga ImageIO Available for: macOS Mojave Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-1843: Ye Zhang of Baidu Security Intel Graphics Driver Available for: macOS Mojave Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-1805: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Intel Graphics Driver Available for: macOS Mojave Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with additional validation. CVE-2021-1806: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Intel Graphics Driver Available for: macOS Mojave Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1834: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Kernel Available for: macOS Mojave Impact: A malicious application may be able to disclose kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1851: @0xalsr Kernel Available for: macOS Mojave Impact: A local attacker may be able to elevate their privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021-1840: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab libxpc Available for: macOS Mojave Impact: A malicious application may be able to gain root privileges Description: A race condition was addressed with additional validation. CVE-2021-30652: James Hutchins libxslt Available for: macOS Mojave Impact: Processing a maliciously crafted file may lead to heap corruption Description: A double free issue was addressed with improved memory management. CVE-2021-1875: Found by OSS-Fuzz NSRemoteView Available for: macOS Mojave Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-1876: Matthew Denton of Google Chrome Preferences Available for: macOS Mojave Impact: A local user may be able to modify protected parts of the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) smbx Available for: macOS Mojave Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An integer overflow was addressed with improved input validation. CVE-2021-1878: Aleksandar Nikolic of Cisco Talos (talosintelligence.com) Tailspin Available for: macOS Mojave Impact: A local attacker may be able to elevate their privileges Description: A logic issue was addressed with improved state management. CVE-2021-1868: Tim Michaud of Zoom Communications tcpdump Available for: macOS Mojave Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-8037: an anonymous researcher Time Machine Available for: macOS Mojave Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved permissions logic. CVE-2021-1839: Tim Michaud(@TimGMichaud) of Zoom Video Communications and Gary Nield of ECSC Group plc Wi-Fi Available for: macOS Mojave Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1828: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab wifivelocityd Available for: macOS Mojave Impact: An application may be able to execute arbitrary code with system privileges Description: The issue was addressed with improved permissions logic. CVE-2020-3838: Dayton Pidhirney (@_watbulb) Windows Server Available for: macOS Mojave Impact: A malicious application may be able to unexpectedly leak a user's credentials from secure text fields Description: An API issue in Accessibility TCC permissions was addressed with improved state management. CVE-2021-1873: an anonymous researcher Installation note: This update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCHO2EACgkQZcsbuWJ6 jjBHBhAAmHYbcREaaxOXQwrb56He+ool1GyXUCGknHRnEO6Ik0nyE/GeUPuv8Y/Q /ywr188mv3ehtjFlXWpHtqwOn0KoNlAlcE+jy9r3QGTxNmBM2z30FeC0wiYYEi7s I5xWkZIcnO1jq2CMGVHHfbLhyLnkWblwWvCOWriCRzbTocEWgEqwrh/uguTVRWB4 oVo8+uHcdiS2gqS0LIMbbvP6SGkfPwVlL8Mr/e96xdditiRbZX01GkAm0l5ezYHt xrs8378fmQK3su4dHrkHpFpTmT3Yib8Jtotat8cgu6lWxLGEFR5kOye4QIjFCl/a UhnR52nlMyYlh4anbqUs7PAh2QDVa3scaRfGTdAogPfaZIAhaaiuj8qXUOsAxEhk rf0TOXmgCDfhuaA08Ys43sgUgunPLOa2+jMT4VspLZxDTkWLDrGFjlM4P5643WrT ITAKLoqq8SOhce6gd3VECvG+EK/fBWrdwzsVDzfxU3yW3kSCKxX25KcRePwJZAAu s1ZZpIZdY7rmi1DwafNSig2dncjUZJy6AhiI5w6cpQzBOQVioU8oac2JDi1X2Rn1 k/D3VQfmYas7HGqUSwx3MUx+yybktm+8Ogo+vtcRKCzUF5t13bwpyAda0mJ62c6L I/ISWomRdC4XX3AQL5EJLzO9slpOBqWsbQb0cULdt+mb4H+nLDE= =NZ77 -----END PGP SIGNATURE-----

Trust: 3.87

sources: NVD: CVE-2021-1805 // JVNDB: JVNDB-2021-012728 // ZDI: ZDI-21-202 // ZDI: ZDI-21-199 // ZDI: ZDI-21-196 // VULHUB: VHN-376465 // VULMON: CVE-2021-1805 // PACKETSTORM: 162362 // PACKETSTORM: 161398

AFFECTED PRODUCTS

vendor:	apple	model:	macos	scope:	-	version:	-	Trust: 2.1
vendor:	apple	model:	mac os x	scope:	gte	version:	10.15	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.14.6	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.2	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.14.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.14	Trust: 1.0
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	-	version:	-	Trust: 0.8

sources: ZDI: ZDI-21-202 // ZDI: ZDI-21-199 // ZDI: ZDI-21-196 // JVNDB: JVNDB-2021-012728 // NVD: CVE-2021-1805

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2021-1805
value:	HIGH
Trust: 2.1
nvd@nist.gov:	CVE-2021-1805
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-1805
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202102-808
value:	HIGH
Trust: 0.6
VULHUB:	VHN-376465
value:	HIGH
Trust: 0.1
VULMON:	CVE-2021-1805
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-1805
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-376465
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ZDI:	CVE-2021-1805
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.1
impactScore:	6.0
version:	3.0
Trust: 2.1
nvd@nist.gov:	CVE-2021-1805
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2021-1805
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: ZDI: ZDI-21-202 // ZDI: ZDI-21-199 // ZDI: ZDI-21-196 // VULHUB: VHN-376465 // VULMON: CVE-2021-1805 // JVNDB: JVNDB-2021-012728 // CNNVD: CNNVD-202102-808 // NVD: CVE-2021-1805

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.1
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-376465 // JVNDB: JVNDB-2021-012728 // NVD: CVE-2021-1805

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-808

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202102-808

PATCH

title:	Apple has issued an update to correct this vulnerability.	url:	https://support.apple.com/HT212177	Trust: 2.1
title:	HT212177 Apple Security update	url:	https://support.apple.com/en-us/HT212177	Trust: 0.8
title:	Intel Graphics Driver Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142187	Trust: 0.6
title:	Apple: macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=7ddd0bfc954a0c128a5cda953ad458f8	Trust: 0.1

sources: ZDI: ZDI-21-202 // ZDI: ZDI-21-199 // ZDI: ZDI-21-196 // VULMON: CVE-2021-1805 // JVNDB: JVNDB-2021-012728 // CNNVD: CNNVD-202102-808

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1805	Trust: 5.7
db:	ZDI	id:	ZDI-21-199	Trust: 0.8
db:	PACKETSTORM	id:	162362	Trust: 0.8
db:	PACKETSTORM	id:	161398	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-012728	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-11495	Trust: 0.7
db:	ZDI	id:	ZDI-21-202	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-11421	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-11418	Trust: 0.7
db:	ZDI	id:	ZDI-21-196	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.1417	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0467	Trust: 0.6
db:	CNNVD	id:	CNNVD-202102-808	Trust: 0.6
db:	VULHUB	id:	VHN-376465	Trust: 0.1
db:	VULMON	id:	CVE-2021-1805	Trust: 0.1

sources: ZDI: ZDI-21-202 // ZDI: ZDI-21-199 // ZDI: ZDI-21-196 // VULHUB: VHN-376465 // VULMON: CVE-2021-1805 // JVNDB: JVNDB-2021-012728 // PACKETSTORM: 162362 // PACKETSTORM: 161398 // CNNVD: CNNVD-202102-808 // NVD: CVE-2021-1805

REFERENCES

url:	http://seclists.org/fulldisclosure/2021/apr/54	Trust: 2.6
url:	https://support.apple.com/en-us/ht212177	Trust: 2.4
url:	https://support.apple.com/ht212177	Trust: 2.1
url:	https://support.apple.com/kb/ht212327	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1805	Trust: 1.6
url:	https://packetstormsecurity.com/files/161398/apple-security-advisory-2021-02-09-1.html	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-macos-two-vulnerabilities-34539	Trust: 0.6
url:	https://packetstormsecurity.com/files/162362/apple-security-advisory-2021-04-26-4.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0467	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1417	Trust: 0.6
url:	https://support.apple.com/en-us/ht212327	Trust: 0.6
url:	https://support.apple.com/kb/ht201222	Trust: 0.2
url:	https://www.apple.com/support/security/pgp/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1806	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://support.apple.com/kb/ht212177	Trust: 0.1
url:	https://www.zerodayinitiative.com/advisories/zdi-21-199/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1860	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1857	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1813	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1840	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1876	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1739	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1851	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1878	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1828	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1809	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8037	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1784	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1847	Trust: 0.1
url:	https://support.apple.com/downloads/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1843	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27942	Trust: 0.1
url:	https://support.apple.com/ht212327.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1811	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1839	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3838	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1797	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8285	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1834	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1873	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8286	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1808	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1868	Trust: 0.1
url:	https://support.apple.com/ht212177.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3156	Trust: 0.1

CREDITS

ABC Research s.r.o.

Trust: 2.1

sources: ZDI: ZDI-21-202 // ZDI: ZDI-21-199 // ZDI: ZDI-21-196

SOURCES

db:	ZDI	id:	ZDI-21-202
db:	ZDI	id:	ZDI-21-199
db:	ZDI	id:	ZDI-21-196
db:	VULHUB	id:	VHN-376465
db:	VULMON	id:	CVE-2021-1805
db:	JVNDB	id:	JVNDB-2021-012728
db:	PACKETSTORM	id:	162362
db:	PACKETSTORM	id:	161398
db:	CNNVD	id:	CNNVD-202102-808
db:	NVD	id:	CVE-2021-1805

LAST UPDATE DATE

2024-11-23T20:11:51.897000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-202	date:	2021-02-24T00:00:00
db:	ZDI	id:	ZDI-21-199	date:	2021-02-24T00:00:00
db:	ZDI	id:	ZDI-21-196	date:	2021-02-24T00:00:00
db:	VULHUB	id:	VHN-376465	date:	2021-05-04T00:00:00
db:	VULMON	id:	CVE-2021-1805	date:	2021-05-04T00:00:00
db:	JVNDB	id:	JVNDB-2021-012728	date:	2022-09-08T01:10:00
db:	CNNVD	id:	CNNVD-202102-808	date:	2021-11-03T00:00:00
db:	NVD	id:	CVE-2021-1805	date:	2024-11-21T05:45:08.743

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-202	date:	2021-02-24T00:00:00
db:	ZDI	id:	ZDI-21-199	date:	2021-02-24T00:00:00
db:	ZDI	id:	ZDI-21-196	date:	2021-02-24T00:00:00
db:	VULHUB	id:	VHN-376465	date:	2021-04-02T00:00:00
db:	VULMON	id:	CVE-2021-1805	date:	2021-04-02T00:00:00
db:	JVNDB	id:	JVNDB-2021-012728	date:	2022-09-08T00:00:00
db:	PACKETSTORM	id:	162362	date:	2021-04-28T15:00:23
db:	PACKETSTORM	id:	161398	date:	2021-02-12T17:29:14
db:	CNNVD	id:	CNNVD-202102-808	date:	2021-02-09T00:00:00
db:	NVD	id:	CVE-2021-1805	date:	2021-04-02T19:15:20.083