CVE-2021-30657 vulnerability in Apple Products
Published on September 8, 2021
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.
Known Exploited Vulnerability
This Apple macOS Policy Subsystem Gatekeeper Bypass vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.
The following remediation steps are recommended / required by November 17, 2021: Apply updates per vendor instructions.
Vulnerability Analysis
CVE-2021-30657 can be exploited with local system access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.
Products Associated with CVE-2021-30657
What versions are vulnerable to CVE-2021-30657?
- Apple Mac OSX Version 10.15.7 supplemental_update
- Apple Mac OSX Version 10.15.7 security_update_2020-005
- Apple Mac OSX Version 10.15.7 security_update_2020-007
- Apple Mac OSX Version 10.15.7 -
- Apple Mac OSX Version 10.15.7 security_update_2020-001
- Apple Mac OSX Version 10.15.6 supplemental_update
- Apple Mac OSX Version 10.15.6 -
- Apple Mac OSX Version 10.15.7 security_update_2020
- Apple macOS Version 11.0, fixed in Version 11.3
- Apple Mac OSX Version 10.15 through 10.15.5