CVE-2021-30955

Description from NVD

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.

Information Acquisition Date:2022-03-31T16:40Z

CVSS 2.0: 7.6 HIGH CVSS 3.x: 7.0 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

▼ CVSS2 Vec AV:N/AC:H/Au:N/C:C/I:C/A:C

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Partial	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

https://support.apple.com/en-us/HT212975
source:MISC
tags:Vendor Advisory

https://support.apple.com/en-us/HT212978
source:MISC
tags:Vendor Advisory

https://support.apple.com/en-us/HT212976
source:MISC
tags:Vendor Advisory

https://support.apple.com/en-us/HT212980
source:MISC
tags:Vendor Advisory

This vulnerability may involve a PoC.

Description from Forti

About the security content of macOS Monterey 12 1

Information Acquisition Date:2022/03/16

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URL	Num of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...	253
https://cvetrends.com	48
http://twinybots.ch	36
https://www.cyberkl.com/cvelist/cvedetail/24	5
https://github.com/b1n4r1b01/desc_race	4
https://twitter.com/realBrightiup/status/1470535136047513609	3
https://gist.github.com/jakeajames/37f72c58c775bfbdda3aa957...	3
https://tools4hack.santalab.me/release-cve-2021-30955-ios15...	3

Information from Twitter

User	URL	Info Source	Date
licht_jb	https://twitter.com/realbrightiup/status/1496381284104519681	Source licht_jb 1626255410733907968	2023/02/17

List of frequently cited URLs

URL	Num of Times Referred to
alerts.vulmon.com	253
cvetrends.com	48
twinybots.ch	36
www.cyberkl.com	5
github.com	4
twitter.com	3
gist.github.com	3
tools4hack.santalab.me	3

Information from Twitter

User	URL	Info Source
licht_jb	twitter.com	Show Tweet

GitHub Search Results: Up to 10

Name	URL
b1n4r1b01/desc_race	https://github.com/b1n4r1b01/desc_race
markie-dev/desc_race_A15	https://github.com/markie-dev/desc_race_A15
GeoSn0w/Pentagram-exploit-tester	https://github.com/GeoSn0w/Pentagram-exploit-tester
verygenericname/CVE-2021-30955-POC-IPA	https://github.com/verygenericname/CVE-2021-30955-POC-IPA
timb-machine-mirrors/CVE-2021-30955	https://github.com/timb-machine-mirrors/CVE-2021-30955
nickorlow/CVE-2021-30955-POC	https://github.com/nickorlow/CVE-2021-30955-POC
Dylbin/desc_race	https://github.com/Dylbin/desc_race

GitHub Search Results: Up to 10

Name	URL
b1n4r1b01/desc_race	github.com
markie-dev/desc_race_A15	github.com
GeoSn0w/Pentagram-exploit-tester	github.com
verygenericname/CVE-2021-30955-POC-IPA	github.com
timb-machine-mirrors/CVE-2021-30955	github.com
nickorlow/CVE-2021-30955-POC	github.com
Dylbin/desc_race	github.com

2023/02/17 Score : 0
Added Har-sia Database : 2021/12/14
Last Modified : 2023/02/17
Highest Scored Date : 2022/03/01
Highest Score : 50