Details of VAR-202108-2083

ID

VAR-202108-2083

CVE

CVE-2021-30912

TITLE

apple's Apple Mac OS X and macOS Improper Permission Preservation Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-020961

DESCRIPTION

The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may gain access to a user's Keychain items. apple's Apple Mac OS X and macOS contains an improper permissions retention vulnerability.Information may be obtained. Information about the security content is also available at https://support.apple.com/HT212872. AppleScript Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30876: Jeremy Brown, hjy79425575 CVE-2021-30879: Jeremy Brown, hjy79425575 CVE-2021-30877: Jeremy Brown CVE-2021-30880: Jeremy Brown Audio Available for: macOS Big Sur Impact: A malicious application may be able to elevate privileges Description: An integer overflow was addressed through improved input validation. CVE-2021-30907: Zweig of Kunlun Lab Bluetooth Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2021-30899: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America ColorSync Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of ICC profiles. CVE-2021-30917: Alexandru-Vlad Niculae and Mateusz Jurczyk of Google Project Zero CoreGraphics Available for: macOS Big Sur Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-30919 FileProvider Available for: macOS Big Sur Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: An input validation issue was addressed with improved memory handling. CVE-2021-30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360 iCloud Available for: macOS Big Sur Impact: A local attacker may be able to elevate their privileges Description: This issue was addressed with improved checks. CVE-2021-30906: Cees Elzinga Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2021-30824: Antonio Zekic (@antoniozekic) of Diverto Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple out-of-bounds write issues were addressed with improved bounds checking. CVE-2021-30901: Zuozhi Fan (@pattern_F_) of Ant Security TianQiong Lab, Yinyi Wu (@3ndy1), Jack Dates of RET2 Systems, Inc. IOGraphics Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2021-30821: Tim Michaud (@TimGMichaud) of Zoom Video Communications IOMobileFrameBuffer Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2021-30883: an anonymous researcher Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2021-30909: Zweig of Kunlun Lab Kernel Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2021-30916: Zweig of Kunlun Lab Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted file may disclose user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30910: Mickey Jin (@patch1t) of Trend Micro Model I/O Available for: macOS Big Sur Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30911: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab SMB Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2021-30868: Peter Nguyen Vu Hoang of STAR Labs SoftwareUpdate Available for: macOS Big Sur Impact: An unprivileged application may be able to edit NVRAM variables Description: The issue was addressed with improved permissions logic. CVE-2021-30913: Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab SoftwareUpdate Available for: macOS Big Sur Impact: A malicious application may gain access to a user's Keychain items Description: The issue was addressed with improved permissions logic. CVE-2021-30912: Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab UIKit Available for: macOS Big Sur Impact: A person with physical access to an iOS device may be able to determine characteristics of a user's password in a secure text entry field Description: A logic issue was addressed with improved state management. CVE-2021-30915: Kostas Angelopoulos Windows Server Available for: macOS Big Sur Impact: A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen Description: An authentication issue was addressed with improved state management. CVE-2021-30908: ASentientBot zsh Available for: macOS Big Sur Impact: A malicious application may be able to modify protected parts of the file system Description: An inherited permissions issue was addressed with additional restrictions. CVE-2021-30892: Jonathan Bar Or of Microsoft Additional recognition iCloud We would like to acknowledge Ryan Pickren (ryanpickren.com) for their assistance. Installation note: This update may be obtained from the Mac App Store Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmF4hqoACgkQeC9qKD1p rhjexhAAtR/7FXVHWotw6RoCYu2agcJCed2Jnnf47+RKSptNEqvMwaknr2eQBUKb 1PQ0vVS3vLGALM73r8Kg1VcxQYTb27uVc1KCkTLIsMHsGLHmH+ZWEVS/ZwfS3nnY fLxemzNKTYc21935GT8Uvx6pEENh7Tfu+j/arZ4nbhtE04Ggbgxhv78k4wdlLbLI Z25whdX8EResx9Rh9mRBa/WDvqNfTkXEkjIAf2ge0H9MzzW/wB5UdUOwG/B9zUOi 9S21Xn+QUhIpyaeZ0tUKHJs2g5L3bJtKuXyO5Msd2kkO2942o4ONMiXe7loSEowf POz/D9Y465T65LFJgTMjwObx716u9JdMlyxr9UIVI2TnQE3WHs6y/jHv1Pz8q5nV k5o//Fdcp4YHeOdoumGN+o/PvxxQ0XEunVT26msMuntcK4hywOFneufxixVDQFf1 4nP+0JGX+PGfqg5uBNJOi3nJwvjTqA6YtDBEbXBcV5WOCPOPzDTzxeXIp4WxyxH5 UKO5ne2XH2T6O0Vde4enAIXVWAhBMUha8FrHdPYEfWphsYgI7+vYuCYZORHPz6Zf Yf9svUpqb2u0gDs2iibi0GANw+3vzOaDOV3y4HKighI8xzs8m6+YNyOkcbEPPLyQ 7T5tzulHTMJczutLmpiiFDmIoKE3+s5PGmzrlM1qWUGrfpv+ReY= =XZJU -----END PGP SIGNATURE-----

Trust: 1.98

sources: NVD: CVE-2021-30912 // JVNDB: JVNDB-2021-020961 // VULHUB: VHN-390645 // VULMON: CVE-2021-30912 // PACKETSTORM: 164673 // PACKETSTORM: 164677

AFFECTED PRODUCTS

vendor:	apple	model:	macos	scope:	eq	version:	12.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.6.1	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.15.7	Trust: 1.0
vendor:	アップル	model:	apple mac os x	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	eq	version:	11.0 that's all 11.6.1	Trust: 0.8
vendor:	アップル	model:	macos	scope:	eq	version:	12.0	Trust: 0.8

sources: JVNDB: JVNDB-2021-020961 // NVD: CVE-2021-30912

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-30912
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-30912
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202108-2004
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-390645
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-30912
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-30912
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-390645
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-30912
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-30912
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-390645 // VULMON: CVE-2021-30912 // JVNDB: JVNDB-2021-020961 // CNNVD: CNNVD-202108-2004 // NVD: CVE-2021-30912

PROBLEMTYPE DATA

problemtype:	CWE-281	Trust: 1.1
problemtype:	Improper retention of permissions (CWE-281) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-390645 // JVNDB: JVNDB-2021-020961 // NVD: CVE-2021-30912

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202108-2004

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-202108-2004

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-390645

PATCH

title:	HT212871 Apple Security update	url:	https://support.apple.com/en-us/HT212869	Trust: 0.8
title:	Apple macOS Big Sur Fixes for permissions and access control issues vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167681	Trust: 0.6

sources: JVNDB: JVNDB-2021-020961 // CNNVD: CNNVD-202108-2004

EXTERNAL IDS

db:	NVD	id:	CVE-2021-30912	Trust: 3.6
db:	PACKETSTORM	id:	164677	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-020961	Trust: 0.8
db:	CS-HELP	id:	SB2021102711	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3564	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3560	Trust: 0.6
db:	CNNVD	id:	CNNVD-202108-2004	Trust: 0.6
db:	PACKETSTORM	id:	164673	Trust: 0.2
db:	VULHUB	id:	VHN-390645	Trust: 0.1
db:	VULMON	id:	CVE-2021-30912	Trust: 0.1

sources: VULHUB: VHN-390645 // VULMON: CVE-2021-30912 // JVNDB: JVNDB-2021-020961 // PACKETSTORM: 164673 // PACKETSTORM: 164677 // CNNVD: CNNVD-202108-2004 // NVD: CVE-2021-30912

REFERENCES

url:	https://support.apple.com/en-us/ht212872	Trust: 2.4
url:	https://support.apple.com/en-us/ht212869	Trust: 1.8
url:	https://support.apple.com/en-us/ht212871	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30912	Trust: 1.0
url:	https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-36718	Trust: 0.6
url:	https://packetstormsecurity.com/files/164677/apple-security-advisory-2021-10-26-5.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3560	Trust: 0.6
url:	https://support.apple.com/ht212872	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3564	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021102711	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30919	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30899	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30915	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30907	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30916	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30876	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30879	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30909	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30910	Trust: 0.2
url:	https://www.apple.com/support/security/pgp/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30877	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30892	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30917	Trust: 0.2
url:	https://support.apple.com/kb/ht201222	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30880	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30824	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30881	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30911	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30821	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30901	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/281.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://seclists.org/fulldisclosure/2021/oct/57	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30906	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30913	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30908	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30883	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30868	Trust: 0.1
url:	https://support.apple.com/ht212872.	Trust: 0.1
url:	https://support.apple.com/ht212871.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30834	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30905	Trust: 0.1

CREDITS

Apple

Trust: 0.2

sources: PACKETSTORM: 164673 // PACKETSTORM: 164677

SOURCES

db:	VULHUB	id:	VHN-390645
db:	VULMON	id:	CVE-2021-30912
db:	JVNDB	id:	JVNDB-2021-020961
db:	PACKETSTORM	id:	164673
db:	PACKETSTORM	id:	164677
db:	CNNVD	id:	CNNVD-202108-2004
db:	NVD	id:	CVE-2021-30912

LAST UPDATE DATE

2024-08-14T12:33:20.872000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-390645	date:	2021-11-01T00:00:00
db:	VULMON	id:	CVE-2021-30912	date:	2021-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2021-020961	date:	2024-07-17T01:00:00
db:	CNNVD	id:	CNNVD-202108-2004	date:	2021-11-29T00:00:00
db:	NVD	id:	CVE-2021-30912	date:	2023-11-07T03:33:49.600

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-390645	date:	2021-08-24T00:00:00
db:	VULMON	id:	CVE-2021-30912	date:	2021-08-24T00:00:00
db:	JVNDB	id:	JVNDB-2021-020961	date:	2024-07-17T00:00:00
db:	PACKETSTORM	id:	164673	date:	2021-10-28T14:41:31
db:	PACKETSTORM	id:	164677	date:	2021-10-28T14:43:37
db:	CNNVD	id:	CNNVD-202108-2004	date:	2021-08-24T00:00:00
db:	NVD	id:	CVE-2021-30912	date:	2021-08-24T19:15:19.073