CVE-2021-30860 – Apple / Multiple – Integer overflow

Summary:

CVE-2021-30860 is an integer overflow vulnerability impacting Apple macOS Catalina, Apple macOS Big Sur versions 11.5.2 and earlier, Apple watchOS versions 7.6.1 and earlier, and Apple iOS and iPadOS versions 14.7.1 and earlier. A proof of concept (PoC) was not observed publicly or in the underground. Apple claimed to be aware of the vulnerability being actively exploited in the wild.

PoC Links (if available):

Apple exploitation information –
https://support.apple.com/en-gb/HT212805

Known Counter Measures:

Apple addressed the vulnerability in security advisories with updated versions.

Links to patches (if available):

https://support.apple.com/en-gb/HT212805