CVE-2021-30912: Medium severity apple macos vulnerability
Published Aug 24, 2021
·Updated
SoftwareUpdate. The issue was addressed with improved permissions logic.
Other sources
The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may gain access to a user's Keychain items.
Credit
Kirin@@Pwnrin, chenyuwang@@mzzzz__(Tencent Security Xuanwu Lab), Kirin@@Pwnrin, chenyuwang@@mzzzz__(Tencent Security Xuanwu Lab), Kirin@@Pwnrin, chenyuwang@@mzzzz__(Tencent Security Xuanwu Lab)
Affected Software
15 affected componentsFixes available
Apple macOS Big Sur<11.6.1
11.6.1
Apple Catalina
Apple macOS Monterey<12.0.1
12.0.1
Apple iOS and macOS<10.15.7
Apple iOS and macOS=10.15.7
Apple iOS and macOS=10.15.7-security_update_2020-001
Apple iOS and macOS=10.15.7-security_update_2021-001
Apple iOS and macOS=10.15.7-security_update_2021-002
Apple iOS and macOS=10.15.7-security_update_2021-003
Apple iOS and macOS=10.15.7-security_update_2021-004
Apple iOS and macOS=10.15.7-security_update_2021-005
Apple iOS and macOS=10.15.7-security_update_2021-006
Apple iOS and macOS=10.15.7-supplemental_update
Apple macOS>=11.0<11.6.1
Apple macOS=12.0
Event History
Aug 24, 2021
CVE Published
via MITRE·06:50 PM
Data Sourced
via MITRE·06:50 PM
DescriptionWeakness
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2021-30876
- CVE-2021-30879
- CVE-2021-30877
- CVE-2021-30880
- CVE-2021-30907
- CVE-2021-30899
- CVE-2021-30926
- CVE-2021-30917
- CVE-2021-30903
- CVE-2021-30905
- CVE-2021-30919
- CVE-2021-30881
- CVE-2021-30900
- CVE-2021-30906
- CVE-2021-30824
- CVE-2021-30901
- CVE-2021-30922
- CVE-2021-30821
- CVE-2021-30883
- CVE-2021-30909
- CVE-2021-30916
- CVE-2021-30910
- CVE-2021-30911
- CVE-2021-30844
- CVE-2021-30868
- CVE-2021-30913
- CVE-2021-30912
- CVE-2021-30915
- CVE-2021-30908
- CVE-2021-30833
- CVE-2021-30892
- CVE-2021-30873
- CVE-2021-30834
- CVE-2021-30994
- CVE-2021-30931
- CVE-2021-30866
- CVE-2020-9846
- CVE-2021-30923
- CVE-2021-30831
- CVE-2021-30840
- CVE-2021-30852
- CVE-2021-30895
- CVE-2021-30896
- CVE-2021-30933
- CVE-2021-30867
- CVE-2021-30814
- CVE-2021-30924
- CVE-2021-30886
- CVE-2021-30864
- CVE-2021-30813
- CVE-2021-31011
- CVE-2021-30904
- CVE-2021-30874
- CVE-2021-30808
- CVE-2021-30920
- CVE-2021-31004
- CVE-2021-31002
- CVE-2021-31005
- CVE-2021-31008
- CVE-2021-30897
- CVE-2021-30884
- CVE-2021-30818
- CVE-2021-30836
- CVE-2021-30846
- CVE-2021-30849
- CVE-2021-30848
- CVE-2021-30851
- CVE-2021-30809
- CVE-2021-30823
- CVE-2021-30887
- CVE-2021-30888
- CVE-2021-30889
- CVE-2021-30861
- CVE-2021-30890
- CVE-2021-30930
Frequently Asked Questions
1
What is CVE-2021-30912?
CVE-2021-30912 is a vulnerability in SoftwareUpdate that was addressed with improved permissions logic.
2
Which software versions are affected by CVE-2021-30912?
CVE-2021-30912 affects Apple Catalina, macOS Big Sur up to version 11.6.1, and macOS Monterey up to version 12.0.1.
3
How can I fix CVE-2021-30912?
To fix CVE-2021-30912, update your software to the latest version of Apple Catalina, macOS Big Sur, or macOS Monterey as specified in the official Apple support articles.