Home > Cyber News > iOS CVE-2021-30807 Zero-Day Exploited in the Wild, Patch Now
CYBER NEWS

iOS CVE-2021-30807 Zero-Day Exploited in the Wild, Patch Now

by   |  Last Update:  |  0 Comments  

CVE-2021-30807 ios zero-day
A zero-day vulnerability in iOS, iPadOS, and macOS was just fixed with an urgent security update. Apple said the zero-day may have been exploited.

CVE-2021-30807 Zero-Day Exploited in the Wild

Known as CVE-2021-30807, the flaw is a memory corruption issue located in the IOMobileFrameBuffer component, a kernel extension that manages the screen framebuffer which exists in both iOS and macOS. Shortly said, the zero-day bug could be abused to execute arbitrary code with kernel privileges. The issue has been fixed according to the specific device platform.

Apple released three updates, iOS 14.7., iPadOS 14.7.1 and macOS Big Sur 11.5.1 to patch the vulnerability on each of the platforms Monday.

According to Vulnerability Database, “a vulnerability was found in Apple iOS and iPadOS.” Rated as critical, the flaw could cause memory corruption, and in terms of impact, it could affect confidentiality, integrity, and availability.




As a result of the flaw, an application may be able to execute arbitrary code with kernel privileges. Apple hasn’t released any detailed technical description, to limit the possibility of the zero-day’s weaponization. Furthermore, there are indications CVE-2021-30807 may have been utilized in attacks in the wild. This is also the 13th zero-fay issue Apple has fixed so far in 2021.

Previous zero-days include CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 in iOS and iPadOS; CVE-2021-30657 in macOS which was exploited by the Shlayer malware; CVE-2021-30737, CVE-2021-30761, CVE-2021-30762 in iOS.

Apparently, there’s an available proof-of-concept exploit code in the wild, so applying the urgent patch against CVE-2021-30807 is highly advisable.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  2. CVE-2022-42827: iOS Zero-Day Exploited in the Wild Apple recently released updates to fix a zero-day, known as...
  3. Patch Your iOS Device against CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 Apple recently addressed three zero-day vulnerabilities in iOS, iPadOS. CVE-2021-1782,...
  4. Patch Your iOS Device against CVE-2021-30761, CVE-2021-30762 To the attention of Apple users – the company recently...
  5. CVE-2021-1647 Windows Defender Zero-Day Exploited in the Wild For Microsoft and Windows users, 2021 starts off with a...
  6. Beware: 3 Serious Flaws in iOS, iPadOS, watchOS, and macOS (CVE-2020-27930) Apple recently released security fixes for iOS, iPadOS, watchOS, and...
  7. July 2021 Patch Tuesday: Actively Exploited CVE-2021-34448 Fixed Microsoft Windows July 2021 Patch Tuesday just rolled out, patching...
  8. CVE-2021-30632 and CVE-2021-30633: Chrome Zero-Days Exploited in the Wild Is your Chrome browser up-to-date? Google just released fixes for...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree