SB2021012702 - Multiple vulnerabilities in Apple iOS and iPadOS




Published: January 27, 2021 Updated: April 27, 2024

Security Bulletin ID: SB2021012702
Severity: Critical
Patch available: YES
Number of vulnerabilities: 55
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

Critical 5% High 35% Medium 25% Low 35%

Description

This security bulletin contains information about 55 security vulnerabilities.


1) Race condition (CVE-ID: CVE-2021-1782)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to a race condition in the Kernel component. A remote attacker can use a malicious application and escalate privileges on the system.

Note: The vulnerability is being actively exploited in the wild.


2) Business Logic Errors (CVE-ID: CVE-2021-1871)

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to a logic issue in the WebKit component. A remote attacker can trick a victim into visiting a malicious website and execute arbitrary code on the system.

Note: The vulnerability is being actively exploited in the wild.


3) Business Logic Errors (CVE-ID: CVE-2021-1870)

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to a logic issue in the WebKit component. A remote attacker can trick a victim into visiting a malicious website and execute arbitrary code on the system.

Note: The vulnerability is being actively exploited in the wild.


4) Input validation error (CVE-ID: CVE-2021-1761)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the Analytics component in macOS. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


5) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2021-1797)

The vulnerability allows a local user to read arbitrary files on the system.

The vulnerability exists because the application does not properly impose security restrictions within the APFS component in macOS. A local user can read arbitrary files on the system.


6) Out-of-bounds read (CVE-ID: CVE-2021-1794)

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Bluetooth subsystem. An attacker with physical proximity to the device can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.


7) Out-of-bounds write (CVE-ID: CVE-2021-1795)

The vulnerability allows an attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in the Bluetooth subsystem. An attacker with physical proximity to the device can trigger an out-of-bounds write and execute arbitrary code on the target system.


8) Out-of-bounds write (CVE-ID: CVE-2021-1796)

The vulnerability allows an attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in the Bluetooth subsystem. An attacker with physical proximity to the device can trigger an out-of-bounds write and execute arbitrary code on the target system.


9) Improper Initialization (CVE-ID: CVE-2021-1780)

The vulnerability allows an attacker to perform DoS attack.

The vulnerability exists due to improper initialization within the Bluetooth subsystem. An attacker with physical proximity to the device can send specially crafted packets to the system and perform a denial of service (DoS) attack.


10) Buffer overflow (CVE-ID: CVE-2021-1760)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the CoreAnimation component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


11) Out-of-bounds write (CVE-ID: CVE-2021-1747)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input within the CoreAudio component in macOS. A remote attacker can trick the victim into visiting a specially crafted website, trigger an out-of-bounds write and execute arbitrary code on the target system.


12) Out-of-bounds write (CVE-ID: CVE-2021-1776)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing fonts within the CoreGraphics component in macOS. A remote attacker can create a specially crafted website or document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.


13) Out-of-bounds read (CVE-ID: CVE-2021-1759)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the CoreMedia component in macOS. A remote attacker can create a specially crafted image, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.


14) Stack-based buffer overflow (CVE-ID: CVE-2021-1772)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the CoreText component in macOS when parsing TTF fonts. A remote attacker can create a specially crafted text file, trick the victim into opening it, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


15) Out-of-bounds read (CVE-ID: CVE-2021-1792)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the CoreText component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.


16) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2021-1786)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because the application does not properly impose security restrictions within the Crash Reporter component in macOS. A local user can create or modify system files and escalate privileges on the system.


17) Input validation error (CVE-ID: CVE-2021-1787)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the Crash Reporter component in macOS. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.


18) Out-of-bounds read (CVE-ID: CVE-2021-1791)

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the FairPlay component in macOS. A local application can trigger out-of-bounds read error and read contents of kernel memory.


19) Out-of-bounds read (CVE-ID: CVE-2021-1758)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing font files within the FontParser component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.


20) Input validation error (CVE-ID: CVE-2021-1773)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can pass a specially crafted file to the application and perform a denial of service (DoS) attack.


21) Input validation error (CVE-ID: CVE-2021-1766)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


22) Out-of-bounds read (CVE-ID: CVE-2021-1785)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.


23) Out-of-bounds write (CVE-ID: CVE-2021-1744)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.


24) Buffer overflow (CVE-ID: CVE-2021-1818)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


25) Input validation error (CVE-ID: CVE-2021-1742)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.


26) Input validation error (CVE-ID: CVE-2021-1746)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.


27) Input validation error (CVE-ID: CVE-2021-1754)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.


28) Input validation error (CVE-ID: CVE-2021-1774)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.


29) Input validation error (CVE-ID: CVE-2021-1777)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.


30) Input validation error (CVE-ID: CVE-2021-1793)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it and execute arbitrary code on the system.


31) Out-of-bounds read (CVE-ID: CVE-2021-1741)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.


32) Out-of-bounds read (CVE-ID: CVE-2021-1743)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.


33) Out-of-bounds read (CVE-ID: CVE-2021-1778)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when processing image files within the curl implementation in the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the system.


34) Buffer overflow (CVE-ID: CVE-2021-1783)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


35) Out-of-bounds read (CVE-ID: CVE-2021-1757)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary condition within the IOSkywalkFamily component in macOS. A local user can run a specially crafted program to trigger out-of-bounds read error and escalate privileges on the system.


36) Cross-site scripting (CVE-ID: CVE-2021-1748)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data within iTunes Store. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


37) Use-after-free (CVE-ID: CVE-2021-1764)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the kernel subsystem. A remote attacker can trick the victim into opening a specially crafted file and crash the system.



38) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2021-1750)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a logic error within the kernel subsystem. A local application can execute arbitrary code with kernel privileges.


39) Information disclosure (CVE-ID: CVE-2021-1781)

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a privacy issue in the handling of Contact cards. A local application can gain unauthorized access to sensitive private data.


40) Buffer overflow (CVE-ID: CVE-2021-1763)

when processing untrusted input within the Model I/O component in macOS. An attacker can use a specially crafted USD file to crash the system or execute arbitrary code.

41) Out-of-bounds read (CVE-ID: CVE-2021-1768)

The vulnerability allows a local user to crash the system.

The vulnerability exists due to a boundary condition when processing USB files in the Model I/O component in macOS. A local user can insert a specially crafted USB drive, trigger out-of-bounds read error and crash the system.


42) Out-of-bounds read (CVE-ID: CVE-2021-1745)

The vulnerability allows a local user to crash the system.

The vulnerability exists due to a boundary condition when processing USB files in the Model I/O component in macOS. A local user can insert a specially crafted USB drive, trigger out-of-bounds read error and crash the system.


43) Out-of-bounds write (CVE-ID: CVE-2021-1762)

The vulnerability allows a local attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input within the Model I/O component in macOS. An attacker can use a specially crafted USD file to crash the system or execute arbitrary code.


44) Heap-based buffer overflow (CVE-ID: CVE-2021-1767)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the Model I/O component in macOS. A remote attacker can pass a specially crafted file, trick the victim into opening it, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


45) Out-of-bounds read (CVE-ID: CVE-2021-1753)

The vulnerability allows a local user to crash the system.

The vulnerability exists due to a boundary condition when processing USB files in the Model I/O component in macOS. A local user can insert a specially crafted USB drive, trigger out-of-bounds read error and crash the system.


46) Information disclosure (CVE-ID: CVE-2021-1756)

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists due to a lock screen issue in the Phone Keypad. An attacker with physical proximity to the device can access private contact information on a locked device.


47) Improper Authentication (CVE-ID: CVE-2021-1769)

The vulnerability allows a local user to bypass the authentication process.

The vulnerability exists due to an error when processing authentication requests within the Swift component in macOS. A local user with arbitrary read and write capability may be able to bypass Pointer Authentication.


48) Use-after-free (CVE-ID: CVE-2021-1788)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


49) Type Confusion (CVE-ID: CVE-2021-1789)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a type confusion error in WebKit. A remote attacker can trick the victim into opening a specially crafted website, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


50) Security restrictions bypass (CVE-ID: CVE-2021-1801)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists because the application does not properly impose the sandboxing policy in WebKit. A remote attacker can create a specially crafted web page, trick the victim into visiting it and bypass implemented security restrictions.


51) Information disclosure (CVE-ID: CVE-2021-1799)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a port redirection issue in WebRTC. A remote attacker can gain unauthorized access to sensitive information, such as open ports in the local network.


52) Out-of-bounds write (CVE-ID: CVE-2021-1737)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.


53) Out-of-bounds write (CVE-ID: CVE-2021-1738)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing image files within the ImageIO component in macOS. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.


54) Out-of-bounds read (CVE-ID: CVE-2021-1838)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the ImageIO framework. A remote attacker can create a specially crafted PICT image, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.


55) Type Confusion (CVE-ID: CVE-2021-30869)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a type confusion error within the XNU subsystem. A local user can run a specially crafted program to trigger a type confusion error and execute arbitrary code with elevated privileges.

Note: The vulnerability is being actively exploited in the wild.


Remediation

Install the update from the vendor's website.