Home > Cyber News > iOS CVE-2021-30807 Zero-Day Exploited in the Wild, Patch Now
CYBER NEWS

iOS CVE-2021-30807 Zero-Day Exploited in the Wild, Patch Now

CVE-2021-30807  ios zero-day
A zero-day vulnerability in iOS, iPadOS, and macOS was just fixed with an urgent security update. Apple said the zero-day may have been exploited.

CVE-2021-30807 Zero-Day Exploited in the Wild

Known as CVE-2021-30807, the flaw is a memory corruption issue located in the IOMobileFrameBuffer component, a kernel extension that manages the screen framebuffer which exists in both iOS and macOS. Shortly said, the zero-day bug could be abused to execute arbitrary code with kernel privileges. The issue has been fixed according to the specific device platform.

Apple released three updates, iOS 14.7., iPadOS 14.7.1 and macOS Big Sur 11.5.1 to patch the vulnerability on each of the platforms Monday.

According to Vulnerability Database, “a vulnerability was found in Apple iOS and iPadOS.” Rated as critical, the flaw could cause memory corruption, and in terms of impact, it could affect confidentiality, integrity, and availability.




As a result of the flaw, an application may be able to execute arbitrary code with kernel privileges. Apple hasn’t released any detailed technical description, to limit the possibility of the zero-day’s weaponization. Furthermore, there are indications CVE-2021-30807 may have been utilized in attacks in the wild. This is also the 13th zero-fay issue Apple has fixed so far in 2021.

Previous zero-days include CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 in iOS and iPadOS; CVE-2021-30657 in macOS which was exploited by the Shlayer malware; CVE-2021-30737, CVE-2021-30761, CVE-2021-30762 in iOS.

Apparently, there’s an available proof-of-concept exploit code in the wild, so applying the urgent patch against CVE-2021-30807 is highly advisable.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree