Vulnerabilities > CVE-2021-1772 - Out-of-bounds Write vulnerability in Apple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code execution.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://support.apple.com/en-us/HT212146
- https://support.apple.com/en-us/HT212146
- https://support.apple.com/en-us/HT212147
- https://support.apple.com/en-us/HT212147
- https://support.apple.com/en-us/HT212148
- https://support.apple.com/en-us/HT212148
- https://support.apple.com/en-us/HT212149
- https://support.apple.com/en-us/HT212149
- https://www.zerodayinitiative.com/advisories/ZDI-21-758/
- https://www.zerodayinitiative.com/advisories/ZDI-21-758/