macOS, iPadOS, and iOS Local Privilege Escalation Vulnerability (CVE-2021-30807)

July 27, 2021

Summary

A software update has been released that fixes a local privilege escalation vulnerability affecting macOS, iPadOS, and iOS. A proof-of-concept exploit has been publicly released, and Apple reports that this vulnerability is currently being exploited.

Impact

A vulnerability in the IOMobileFrameBuffer component can be used to run arbitrary code with kernel privileges.

Vulnerable

  • macOS Big Sur 11.5

  • iPadOS 14.7

  • iOS 14.7

Recommendations

  • Upgrade to the latest version of your operating system immediately (macOS Big Sur 11.5.1, iPadOS 14.7.1, or iOS 14.7.1).
