CVE-2021-30926

Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted image may lead to arbitrary code execution.

Published: Aug 24, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-30926
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
apple / mac_os_x	10.15.7-supplemental_update	10.15.7-supplemental_update.x
apple / mac_os_x	10.15.7-security_update_2020-005	10.15.7-security_update_2020-005.x
apple / mac_os_x	10.15.7-security_update_2020-007	10.15.7-security_update_2020-007.x
apple / mac_os_x	10.15.7	10.15.7.x
apple / mac_os_x	10.15.7-security_update_2020-001	10.15.7-security_update_2020-001.x
apple / mac_os_x	10.15.7-security_update_2020	10.15.7-security_update_2020.x
apple / mac_os_x	10.15.7-security_update_2021-001	10.15.7-security_update_2021-001.x
apple / mac_os_x	10.15.7-security_update_2021-002	10.15.7-security_update_2021-002.x
apple / mac_os_x	10.15.7-security_update_2021-003	10.15.7-security_update_2021-003.x
apple / mac_os_x	10.15.7-security_update_2021-006	10.15.7-security_update_2021-006.x
apple / iphone_os	-	14.8.1
apple / macos	11.0	11.6.1
apple / watchos	-	8.3
apple / tvos	-	15.2
apple / macos	-	12.1
apple / mac_os_x	10.15	10.15.17
apple / ipados	-	14.8.1

Vulnerability Database

289,697

CVE-2021-30926