CVE-2021-30659: Medium severity apple macos vulnerability

Q: What is CVE-2021-30659?

CVE-2021-30659 is a vulnerability related to TCC, a validation issue was addressed with improved logic.

Q: Which software products are affected by CVE-2021-30659?

CVE-2021-30659 affects Apple iOS, Apple iPadOS, Apple watchOS, and Apple macOS Big Sur.

Q: What is the severity of CVE-2021-30659?

The severity of CVE-2021-30659 is not specified.

Q: How do I fix CVE-2021-30659 on my Apple device?

To fix CVE-2021-30659, update your Apple device to the recommended versions specified in the Apple security advisory.

Q: Where can I find more information about CVE-2021-30659?

You can find more information about CVE-2021-30659 on the Apple support website.

Published Apr 26, 2021

Updated

A validation issue was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, macOS Big Sur 11.3. A malicious application may be able to leak sensitive user information.

Other sources

CoreFoundation. A validation issue was addressed with improved logic.

TCC. A validation issue was addressed with improved logic.

Credit

Thijs Alkemade(Computest), Thijs Alkemade(Computest), Thijs Alkemade(Computest)

Affected Software

8 affected componentsFixes available

Apple macOS Big Sur<11.3

11.3

Apple WatchOS<7.4

7.4

Apple iOS<14.5

14.5

Apple iPadOS<14.5

14.5

Apple iPadOS<14.5

Apple iPhone OS<14.5

Apple macOS>=11.0<11.3

Apple WatchOS<7.4

Event History

Sep 8, 2021

CVE Published

via MITRE·02:51 PM

Data Sourced

via MITRE·02:51 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

CVE-2021-1853
CVE-2021-1849
CVE-2021-1867
CVE-2021-1810
CVE-2021-1808
CVE-2021-1857
CVE-2021-30752
CVE-2021-30664
CVE-2021-1846
CVE-2021-1809
CVE-2021-30659
CVE-2021-1847
CVE-2021-1811
CVE-2020-8284
CVE-2020-8286
CVE-2020-8285
CVE-2021-1784
CVE-2021-1872
CVE-2021-1881
CVE-2021-1882
CVE-2021-1813
CVE-2021-1883
CVE-2021-1884
CVE-2021-1880
CVE-2021-30653
CVE-2021-1814
CVE-2021-1843
CVE-2021-1885
CVE-2021-1858
CVE-2021-30743
CVE-2021-30658
CVE-2021-1841
CVE-2021-1834
CVE-2021-1860
CVE-2021-1840
CVE-2021-1851
CVE-2021-1832
CVE-2021-30660
CVE-2021-30652
CVE-2021-1875
CVE-2021-1824
CVE-2021-1859
CVE-2021-1876
CVE-2021-1815
CVE-2021-1739
CVE-2021-1740
CVE-2021-1861
CVE-2021-1855
CVE-2021-1868
CVE-2021-30750
CVE-2021-1878
CVE-2021-30657
CVE-2021-30856
CVE-2020-8037
CVE-2021-1839
CVE-2021-1825
CVE-2021-1817
CVE-2021-1826
CVE-2021-1820
CVE-2021-30661
CVE-2020-7463
CVE-2021-1828
CVE-2021-1829
CVE-2021-30655
CVE-2021-1770
CVE-2021-1873
CVE-2021-30764
CVE-2021-1864
CVE-2021-1816
CVE-2021-1822
CVE-2021-1807
CVE-2021-1835
CVE-2021-1837
CVE-2021-1836
CVE-2021-30742
CVE-2021-1812
CVE-2021-30656
CVE-2021-30662
CVE-2021-1877
CVE-2021-1852
CVE-2021-1830
CVE-2021-1874
CVE-2021-1833
CVE-2021-1865
CVE-2021-1863
CVE-2021-1831
CVE-2021-1862
CVE-2021-1854
CVE-2021-30921
CVE-2021-1848

Frequently Asked Questions

What is CVE-2021-30659?

CVE-2021-30659 is a vulnerability related to TCC, a validation issue was addressed with improved logic.

Which software products are affected by CVE-2021-30659?