What is CVE-2021-1815?

CVE-2021-1815 is a vulnerability in Apple software that relates to a parsing issue in the handling of directory paths.

Which Apple products are affected by CVE-2021-1815?

Apple iOS, iPadOS, watchOS, macOS Big Sur, and tvOS versions up to and including 14.5, 7.4, 11.3, 14.5, and 14.5 respectively are affected.

What is the severity of CVE-2021-1815?

The severity of CVE-2021-1815 is not mentioned in the provided information.

How can I fix CVE-2021-1815?

To fix CVE-2021-1815, update your Apple software to the recommended versions mentioned in the provided references.

Where can I find more information about CVE-2021-1815?

You can find more information about CVE-2021-1815 in the provided references: [Link 1](https://support.apple.com/en-us/HT212317), [Link 2](https://support.apple.com/en-us/HT212324), [Link 3](https://support.apple.com/en-us/HT212325)

Vulnerability/
CVE-2021-1815

medium

5.5

CWE

26/4/2021

8/9/2021

18/10/2022

CVE-2021-1815: Path Traversal

First published: Mon Apr 26 2021(Updated: )

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system.

Credit: Zhipeng Huo @R3dF09 Yuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Yuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Yuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Yuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Yuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Yuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Yuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Yuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Yuebin Sun @yuebinsun2020 Tencent Security Xuanwu Lab product-security@apple.com

Affected Software	Affected Version	How to fix
Apple tvOS	<14.5	14.5
Apple macOS Big Sur	<11.3	11.3
Apple iPadOS	<14.5
Apple iPhone OS	<14.5
Apple macOS	>=11.0<11.3
Apple tvOS	<14.5
Apple watchOS	<7.4

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT212325 (Advisory)
https://support.apple.com/en-us/HT212317 (Advisory)
https://support.apple.com/en-us/HT212323 (Advisory)
https://support.apple.com/en-us/HT212324 (Advisory)
https://support.apple.com/kb/HT212324

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2021-1835
CVE-2021-1837
CVE-2021-1867
CVE-2021-1849
CVE-2021-1836
CVE-2021-1808
CVE-2021-30742
CVE-2021-1857
CVE-2021-30752
CVE-2021-30664
CVE-2021-1846
CVE-2021-1809
CVE-2021-30659
CVE-2021-1812
CVE-2021-1811
CVE-2021-1872
CVE-2021-1881
CVE-2021-1882
CVE-2021-1813
CVE-2021-30656
CVE-2021-1883
CVE-2021-1884
CVE-2021-30743
CVE-2021-1885
CVE-2021-30653
CVE-2021-1843
CVE-2021-1858
CVE-2021-30764
CVE-2021-30662
CVE-2021-1864
CVE-2021-1877
CVE-2021-1852
CVE-2021-1830
CVE-2021-1874
CVE-2021-1851
CVE-2021-1860
CVE-2021-1816
CVE-2021-1832
CVE-2021-30660
CVE-2021-30652
CVE-2021-1875
CVE-2021-1833
CVE-2021-1822
CVE-2021-1865
CVE-2021-1815
CVE-2021-1739
CVE-2021-1740
CVE-2021-1863
CVE-2021-1807
CVE-2021-1831
CVE-2021-1862
CVE-2021-1868
CVE-2021-1854
CVE-2021-30921
CVE-2021-1848
CVE-2021-1825
CVE-2021-1817
CVE-2021-1826
CVE-2021-1820
CVE-2021-30661
CVE-2020-7463
CVE-2021-1770
CVE-2021-1844
CVE-2021-1880
CVE-2021-1814
CVE-2021-1853
CVE-2021-1810
CVE-2021-1847
CVE-2020-8284
CVE-2020-8286
CVE-2020-8285
CVE-2021-1784
CVE-2021-30658
CVE-2021-1841
CVE-2021-1834
CVE-2021-1840
CVE-2021-1824
CVE-2021-1859
CVE-2021-1876
CVE-2021-1861
CVE-2021-1855
CVE-2021-30750
CVE-2021-1878
CVE-2021-30657
CVE-2021-30856
CVE-2020-8037
CVE-2021-1839
CVE-2021-1828
CVE-2021-1829
CVE-2021-30655
CVE-2021-1873

Frequently Asked Questions

What is CVE-2021-1815?
CVE-2021-1815 is a vulnerability in Apple software that relates to a parsing issue in the handling of directory paths.
Which Apple products are affected by CVE-2021-1815?
Apple iOS, iPadOS, watchOS, macOS Big Sur, and tvOS versions up to and including 14.5, 7.4, 11.3, 14.5, and 14.5 respectively are affected.
What is the severity of CVE-2021-1815?
The severity of CVE-2021-1815 is not mentioned in the provided information.
How can I fix CVE-2021-1815?
To fix CVE-2021-1815, update your Apple software to the recommended versions mentioned in the provided references.
Where can I find more information about CVE-2021-1815?
You can find more information about CVE-2021-1815 in the provided references: [Link 1](https://support.apple.com/en-us/HT212317), [Link 2](https://support.apple.com/en-us/HT212324), [Link 3](https://support.apple.com/en-us/HT212325)

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/apple-support
alias/CVE-2021-1739
alias/CVE-2021-1740
agent/software-canonical-lookup-request
source/Apple
agent/software-canonical-lookup
collector/nvd-index
vendor/apple
canonical/apple ios
canonical/apple ipados
canonical/apple tvos
canonical/apple watchos
canonical/apple macos big sur
canonical/apple iphone os
canonical/apple macos
version/apple macos/11.0