CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2021-31010 – Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-31010
A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that this issue may have been actively exploited at the time of release.. Se ha solucionado un problema de deserialización mediante una validación mejorada. • https://support.apple.com/en-us/HT212804 https://support.apple.com/en-us/HT212805 https://support.apple.com/en-us/HT212806 https://support.apple.com/en-us/HT212807 https://support.apple.com/en-us/HT212824 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-31007
https://notcve.org/view.php?id=CVE-2021-31007
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, macOS Monterey 12.1. A malicious application may be able to bypass Privacy preferences. Descripción: Se ha solucionado un problema de permisos con una validación mejorada. Este problema se ha solucionado en iOS 15.1 y iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, macOS Monterey 12.1. • https://support.apple.com/en-us/HT212867 https://support.apple.com/en-us/HT212874 https://support.apple.com/en-us/HT212876 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-31006
https://notcve.org/view.php?id=CVE-2021-31006
Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 7.6, tvOS 14.7, macOS Big Sur 11.5. A malicious application may be able to bypass certain Privacy preferences. Descripción: Se ha solucionado un problema de permisos con una validación mejorada. Este problema se ha solucionado en watchOS 7.6, tvOS 14.7 y macOS Big Sur 11.5. • https://support.apple.com/en-us/HT212602 https://support.apple.com/en-us/HT212604 https://support.apple.com/en-us/HT212605 • CWE-276: Incorrect Default Permissions •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-31004
https://notcve.org/view.php?id=CVE-2021-31004
A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.5. An application may be able to gain elevated privileges. Se ha solucionado una condición de carrera con un bloqueo mejorado. Este problema se ha solucionado en macOS Monterey 12.0.1, macOS Big Sur 11.5. • https://support.apple.com/en-us/HT212602 https://support.apple.com/en-us/HT212869 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-31002
https://notcve.org/view.php?id=CVE-2021-31002
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.2. A malicious application may be able to execute arbitrary code with system privileges. Se ha solucionado una lectura fuera de los límites con una validación de entrada mejorada. Este problema se ha solucionado en macOS Monterey 12.0.1, macOS Big Sur 11.6.2. • https://support.apple.com/en-us/HT212869 https://support.apple.com/en-us/HT212979 • CWE-125: Out-of-bounds Read •