CVE-2021-30807 Zero-Day Exploited in the Wild
Known as CVE-2021-30807, the flaw is a memory corruption issue located in the IOMobileFrameBuffer component, a kernel extension that manages the screen framebuffer which exists in both iOS and macOS. Shortly said, the zero-day bug could be abused to execute arbitrary code with kernel privileges. The issue has been fixed according to the specific device platform.
Apple released three updates, iOS 14.7., iPadOS 14.7.1 and macOS Big Sur 11.5.1 to patch the vulnerability on each of the platforms Monday.
According to Vulnerability Database, “a vulnerability was found in Apple iOS and iPadOS.” Rated as critical, the flaw could cause memory corruption, and in terms of impact, it could affect confidentiality, integrity, and availability.
As a result of the flaw, an application may be able to execute arbitrary code with kernel privileges. Apple hasn’t released any detailed technical description, to limit the possibility of the zero-day’s weaponization. Furthermore, there are indications CVE-2021-30807 may have been utilized in attacks in the wild. This is also the 13th zero-fay issue Apple has fixed so far in 2021.
Previous zero-days include CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 in iOS and iPadOS; CVE-2021-30657 in macOS which was exploited by the Shlayer malware; CVE-2021-30737, CVE-2021-30761, CVE-2021-30762 in iOS.
Apparently, there’s an available proof-of-concept exploit code in the wild, so applying the urgent patch against CVE-2021-30807 is highly advisable.