Security News > 2021 > June > Apple Issues Urgent Patches for 2 Zero-Day Flaws Exploited in the Wild
Apple on Monday shipped out-of-band security patches to address two zero-day vulnerabilities in iOS 12.5.3 that it says are being actively exploited in the wild.
The latest update, iOS 12.5.4, comes with fixes for three security bugs, including a memory corruption issue in ASN.1 decoder and two flaws concerning its WebKit browser engine that could be abused to achieve remote code execution -.
CVE-2021-30761 - A memory corruption issue that could be exploited to gain arbitrary code execution when processing maliciously crafted web content.
CVE-2021-30762 - A use-after-free issue that could be exploited to gain arbitrary code execution when processing maliciously crafted web content.
CVE-2021-30665 - Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30666 - Processing maliciously crafted web content may lead to arbitrary code execution.
News URL
Related news
- Apple fixes this year’s first actively exploited zero-day bug (source)
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-08 | CVE-2021-30666 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS A buffer overflow issue was addressed with improved memory handling. | 8.8 |
| 2021-09-08 | CVE-2021-30665 | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved state management. | 8.8 |
| 2021-09-08 | CVE-2021-30762 | Use After Free vulnerability in Apple Iphone OS A use after free issue was addressed with improved memory management. | 8.8 |
| 2021-09-08 | CVE-2021-30761 | Out-of-bounds Write vulnerability in Apple Iphone OS A memory corruption issue was addressed with improved state management. | 8.8 |