An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to bypass Privacy preferences.
References
Link | Resource |
---|---|
https://support.apple.com/en-us/HT212317 | Vendor Advisory |
https://support.apple.com/en-us/HT212323 | Vendor Advisory |
https://support.apple.com/en-us/HT212324 | Vendor Advisory |
https://support.apple.com/en-us/HT212325 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Sep 2021, 20:20
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-347 | |
CPE | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
|
References | (MISC) https://support.apple.com/en-us/HT212325 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT212323 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT212324 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT212317 - Vendor Advisory |
08 Sep 2021, 15:30
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-09-08 15:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-1849
Mitre link : CVE-2021-1849
CVE.ORG link : CVE-2021-1849
JSON object : View
Products Affected
apple
- iphone_os
- macos
- ipados
- tvos
- watchos
CWE
CWE-347
Improper Verification of Cryptographic Signature