CVE-2021-30664

Q: What is the vulnerability ID for this issue?

The vulnerability ID is CVE-2021-30664.

Q: What is the title of this vulnerability?

The title of this vulnerability is 'CoreAudio. An out-of-bounds write issue was addressed with improved bounds checking.'

Q: What is the description of this vulnerability?

The description of this vulnerability is 'CoreAudio. Processing a maliciously crafted file may lead to arbitrary code execution.'

Q: Which software products are affected by this vulnerability?

The following software products are affected by this vulnerability: Apple iOS 14.5, Apple iPadOS 14.5, Apple watchOS 7.4, Apple macOS Big Sur 11.3, and Apple tvOS 14.5.

Q: Where can I find more information about this vulnerability?

More information about this vulnerability can be found at the following references: [link1], [link2], [link3].

Published Apr 26, 2021

Updated

CoreAudio. An out-of-bounds write issue was addressed with improved bounds checking.

Credit

JunDong Xie(Ant Security Light)

Affected Software

10 affected componentsFixes available

Apple macOS Big Sur<11.3

11.3

Apple tvOS<14.5

14.5

Apple WatchOS<7.4

7.4

Apple iOS<14.5

14.5

Apple iPadOS<14.5

14.5

Apple iPadOS<14.5

Apple iPhone OS<14.5

Apple macOS>=11.0<11.3

Apple tvOS<14.5

Apple WatchOS<7.4

Event History

Sep 8, 2021

CVE Published

via MITRE·02:32 PM

Data Sourced

via MITRE·02:32 PM

DescriptionWeakness

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID is CVE-2021-30664.

What is the title of this vulnerability?

The title of this vulnerability is 'CoreAudio. An out-of-bounds write issue was addressed with improved bounds checking.'

What is the description of this vulnerability?

The description of this vulnerability is 'CoreAudio. Processing a maliciously crafted file may lead to arbitrary code execution.'

Which software products are affected by this vulnerability?

The following software products are affected by this vulnerability: Apple iOS 14.5, Apple iPadOS 14.5, Apple watchOS 7.4, Apple macOS Big Sur 11.3, and Apple tvOS 14.5.

Where can I find more information about this vulnerability?

More information about this vulnerability can be found at the following references: [link1], [link2], [link3].

CVSS Score

7.8High

High Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Security Metrics

Risk Score70

Severityhigh(7.8)

CWE

787

Timeline

PublishedApr 26, 2021

Updated

References

Parent Advisories

Peer Vulnerabilities

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2021-30664

Credit

Affected Software

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the vulnerability ID for this issue?

What is the title of this vulnerability?

What is the description of this vulnerability?

Which software products are affected by this vulnerability?

Where can I find more information about this vulnerability?

Company

Resources

Contact