CVE-2021-30840: High severity tvos vulnerability

Q: What is CVE-2021-30840?

CVE-2021-30840 refers to a vulnerability in FontParser in Apple watchOS, iOS, iPadOS, macOS Monterey, and tvOS.

Q: What is the severity of CVE-2021-30840?

The severity of CVE-2021-30840 is not provided.

Q: How does CVE-2021-30840 impact Apple devices?

CVE-2021-30840 could potentially allow an attacker to execute arbitrary code on affected Apple devices.

Q: How can I fix the CVE-2021-30840 vulnerability?

To fix the CVE-2021-30840 vulnerability, update your Apple watchOS, iOS, iPadOS, macOS Monterey, or tvOS to the specified remediation versions.

Q: Where can I find more information about CVE-2021-30840?

You can find more information about CVE-2021-30840 on the Apple support website.

Published Sep 20, 2021

Updated

FontParser. This issue was addressed with improved checks.

Other sources

This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted dfont file may lead to arbitrary code execution.

Credit

Xingwei Lin(Ant Security Light)

Affected Software

10 affected componentsFixes available

Apple tvOS<15

Apple WatchOS<8

Apple macOS Monterey<12.0.1

12.0.1

Apple iOS<15

Apple iPadOS<15

Apple iPadOS<15.0

Apple iPhone OS<15.0

Apple macOS<12.0.1

Apple tvOS<15.0

Apple WatchOS<8.0

Event History

Oct 28, 2021

CVE Published

via MITRE·06:17 PM

Data Sourced

via MITRE·06:17 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

CVE-2021-30837
CVE-2021-30838
CVE-2021-30866
CVE-2021-30834
CVE-2021-30928
CVE-2021-30831
CVE-2021-30840
CVE-2021-30841
CVE-2021-30842
CVE-2021-30843
CVE-2021-30852
CVE-2021-30814
CVE-2021-30835
CVE-2021-30847
CVE-2021-30857
CVE-2013-0340
CVE-2021-30855
CVE-2021-30854
CVE-2021-30850
CVE-2021-30808
CVE-2021-30897
CVE-2021-30884
CVE-2021-30818
CVE-2021-30823
CVE-2021-30836
CVE-2021-30809
CVE-2021-30846
CVE-2021-30849
CVE-2021-30851
CVE-2021-30810
CVE-2021-30811
CVE-2021-30882
CVE-2021-30925
CVE-2021-30873
CVE-2021-30876
CVE-2021-30879
CVE-2021-30877
CVE-2021-30880
CVE-2021-30994
CVE-2021-30907
CVE-2021-30899
CVE-2021-30931
CVE-2021-30917
CVE-2021-30903
CVE-2021-30905
CVE-2021-30919
CVE-2020-9846
CVE-2021-30881
CVE-2021-30923
CVE-2021-30895
CVE-2021-30896
CVE-2021-30933
CVE-2021-30906
CVE-2021-30867
CVE-2021-30922
CVE-2021-30824
CVE-2021-30901
CVE-2021-30821
CVE-2021-30883
CVE-2021-30924
CVE-2021-30886
CVE-2021-30909
CVE-2021-30916
CVE-2021-30864
CVE-2021-30813
CVE-2021-31011
CVE-2021-30904
CVE-2021-30910
CVE-2021-30911
CVE-2021-30874
CVE-2021-30920
CVE-2021-31004
CVE-2021-31002
CVE-2021-30868
CVE-2021-30912
CVE-2021-30913
CVE-2021-30915
CVE-2021-31005
CVE-2021-31008
CVE-2021-30848
CVE-2021-30887
CVE-2021-30888
CVE-2021-30889
CVE-2021-30861
CVE-2021-30890
CVE-2021-30930
CVE-2021-30908
CVE-2021-30833
CVE-2021-30892
CVE-2021-30825
CVE-2021-30863
CVE-2021-30816
CVE-2021-30819
CVE-2021-30898
CVE-2021-30870
CVE-2021-30815
CVE-2021-31001
CVE-2021-30826

Frequently Asked Questions

What is CVE-2021-30840?

CVE-2021-30840 refers to a vulnerability in FontParser in Apple watchOS, iOS, iPadOS, macOS Monterey, and tvOS.

What is the severity of CVE-2021-30840?