CVE-2021-30858

Description from NVD

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Information Acquisition Date:2021-10-15T14:54Z
CVSS 2.0: 6.8 MEDIUM CVSS 3.x: 8.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:M/Au:N/C:P/I:P/A:P

NVD References

 https://support.apple.com/en-us/HT212807
     source:MISC
     tags:Release Notes    Vendor Advisory    
 https://support.apple.com/en-us/HT212804
     source:MISC
     tags:Release Notes    Vendor Advisory    
 20210917 APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8
     source:FULLDISC
     tags:
 20210917 APPLE-SA-2021-09-13-3 macOS Big Sur 11.6
     source:FULLDISC
     tags:
 20210917 APPLE-SA-2021-09-13-5 Safari 14.1.2
     source:FULLDISC
     tags:
 [oss-security] 20210920 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0005
     source:MLIST
     tags:
 FEDORA-2021-c00e45b6c0
     source:FEDORA
     tags:
 20210921 APPLE-SA-2021-09-20-7 Additional information for APPLE-SA-2021-09-13-3 macOS Big Sur 11.6
     source:FULLDISC
     tags:
 20210921 APPLE-SA-2021-09-20-6 Additional information for APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8
     source:FULLDISC
     tags:
 DSA-4976
     source:DEBIAN
     tags:
 DSA-4975
     source:DEBIAN
     tags:
 https://support.apple.com/kb/HT212824
     source:CONFIRM
     tags:
 20210924 APPLE-SA-2021-09-23-1 iOS 12.5.5
     source:FULLDISC
     tags:
 FEDORA-2021-edf6957b7d
     source:FEDORA
     tags:

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:



List of frequently cited URLs

URLNum of Times Referred to
https://thehackernews.com/2021/09/urgent-apple-ios-and-maco...8
https://googleprojectzero.github.io/0days-in-the-wild/0days...8
https://www.helpnetsecurity.com/2021/09/14/cve-2021-30860/5
https://bit.ly/2WtwYQH3
https://twitter.com/maddiestone/status/14483039429793136743
https://us-cert.cisa.gov/ncas/current-activity/2021/09/13/a...3
https://support.apple.com/en-us/HT2128073

Information from Twitter

User URL Info Source Date
cointelpro20 https://github.com/googleprojectzero/0days-in-the-wild/blob... Source cointelpro20     1552691378630574082 2022/07/29

List of frequently cited URLs

URLNum of Times Referred to
thehackernews.com8
googleprojectzero.github.io8
www.helpnetsecurity.com5
bit.ly3
twitter.com3
us-cert.cisa.gov3
support.apple.com3

Information from Twitter

User URL Info Source
cointelpro20 github.com Show Tweet

GitHub Search Results: Up to 10
NameURL
KameleonReloaded/CVEREV3 https://github.com/KameleonReloaded/CVEREV3
PeterMxx/ps4_8.00_vuln_poc https://github.com/PeterMxx/ps4_8.00_vuln_poc

GitHub Search Results: Up to 10
NameURL
KameleonReloaded/CVEREV3 github.com
PeterMxx/ps4_8.00_vuln_poc github.com

2022/07/29 Score : 1
Added Har-sia Database : 2021/09/14
Last Modified : 2022/07/29
Highest Scored Date : 2021/09/14
Highest Score : 61