CVE-2021-1858
First published: Mon Apr 26 2021(Updated: )
ImageIO. An out-of-bounds write issue was addressed with improved bounds checking.
Credit: Mickey Jin Qi Sun Trend Micro working with Trend MicroMickey Jin Trend Micro product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS | <11.3 | 11.3 |
| tvOS | <14.5 | 14.5 |
| macOS Catalina | ||
| Apple iOS, iPadOS, and watchOS | <14.5 | 14.5 |
| Apple iOS, iPadOS, and watchOS | <14.5 | 14.5 |
| Apple iOS, iPadOS, and watchOS | <7.4 | 7.4 |
| Apple iOS, iPadOS, and watchOS | <14.5 | |
| iOS | <14.5 | |
| Apple iOS and macOS | =10.14 | |
| Apple iOS and macOS | =10.14.0 | |
| Apple iOS and macOS | =10.14.1 | |
| Apple iOS and macOS | =10.14.2 | |
| Apple iOS and macOS | =10.14.3 | |
| Apple iOS and macOS | =10.14.4 | |
| Apple iOS and macOS | =10.14.4-beta4 | |
| Apple iOS and macOS | =10.14.5 | |
| Apple iOS and macOS | =10.14.6 | |
| Apple iOS and macOS | =10.14.6 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-001 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-002 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-004 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-005 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-006 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-007 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-001 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-002 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-003 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-004 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-005 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-006 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-007 | |
| Apple iOS and macOS | =10.14.6-security_update_2021-001 | |
| Apple iOS and macOS | =10.14.6-security_update_2021-002 | |
| Apple iOS and macOS | =10.15 | |
| Apple iOS and macOS | =10.15.1 | |
| Apple iOS and macOS | =10.15.2 | |
| Apple iOS and macOS | =10.15.3 | |
| Apple iOS and macOS | =10.15.4 | |
| Apple iOS and macOS | =10.15.5 | |
| Apple iOS and macOS | =10.15.6 | |
| Apple iOS and macOS | =10.15.6 | |
| Apple iOS and macOS | =10.15.6-supplemental_update | |
| Apple iOS and macOS | =10.15.7 | |
| Apple iOS and macOS | =10.15.7 | |
| Apple iOS and macOS | =10.15.7-security_update_2020 | |
| Apple iOS and macOS | =10.15.7-security_update_2020-001 | |
| Apple iOS and macOS | =10.15.7-security_update_2020-005 | |
| Apple iOS and macOS | =10.15.7-security_update_2020-007 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-001 | |
| Apple iOS and macOS | >=11.0<11.3 | |
| tvOS | <14.5 | |
| Apple iOS, iPadOS, and watchOS | <7.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-1853
- CVE-2021-1849
- CVE-2021-1867
- CVE-2021-1810
- CVE-2021-1808
- CVE-2021-1857
- CVE-2021-30752
- CVE-2021-30664
- CVE-2021-1846
- CVE-2021-1809
- CVE-2021-30659
- CVE-2021-1847
- CVE-2021-1811
- CVE-2020-8284
- CVE-2020-8286
- CVE-2020-8285
- CVE-2021-1784
- CVE-2021-1872
- CVE-2021-1881
- CVE-2021-1882
- CVE-2021-1813
- CVE-2021-1883
- CVE-2021-1884
- CVE-2021-1880
- CVE-2021-30653
- CVE-2021-1814
- CVE-2021-1843
- CVE-2021-1885
- CVE-2021-1858
- CVE-2021-30743
- CVE-2021-30658
- CVE-2021-1841
- CVE-2021-1834
- CVE-2021-1860
- CVE-2021-1840
- CVE-2021-1851
- CVE-2021-1832
- CVE-2021-30660
- CVE-2021-30652
- CVE-2021-1875
- CVE-2021-1824
- CVE-2021-1859
- CVE-2021-1876
- CVE-2021-1815
- CVE-2021-1739
- CVE-2021-1740
- CVE-2021-1861
- CVE-2021-1855
- CVE-2021-1868
- CVE-2021-30750
- CVE-2021-1878
- CVE-2021-30657
- CVE-2021-30856
- CVE-2020-8037
- CVE-2021-1839
- CVE-2021-1825
- CVE-2021-1817
- CVE-2021-1826
- CVE-2021-1820
- CVE-2021-30661
- CVE-2020-7463
- CVE-2021-1828
- CVE-2021-1829
- CVE-2021-30655
- CVE-2021-1770
- CVE-2021-1873
- CVE-2021-1836
- CVE-2021-30764
- CVE-2021-1864
- CVE-2021-1816
- CVE-2021-1822
- CVE-2021-1844
- CVE-2021-1797
- CVE-2020-27942
- CVE-2020-3838
- CVE-2021-1835
- CVE-2021-1837
- CVE-2021-30742
- CVE-2021-1812
- CVE-2021-30656
- CVE-2021-30662
- CVE-2021-1877
- CVE-2021-1852
- CVE-2021-1830
- CVE-2021-1874
- CVE-2021-1833
- CVE-2021-1865
- CVE-2021-1863
- CVE-2021-1807
- CVE-2021-1831
- CVE-2021-1862
- CVE-2021-1854
- CVE-2021-30921
- CVE-2021-1848
Frequently Asked Questions
What is CVE-2021-1858?
CVE-2021-1858 is a vulnerability in ImageIO that can lead to arbitrary code execution.
How severe is CVE-2021-1858?
CVE-2021-1858 is a serious vulnerability that can lead to arbitrary code execution.
Which software versions are affected by CVE-2021-1858?
CVE-2021-1858 affects Apple iOS up to version 14.5, Apple iPadOS up to version 14.5, Apple watchOS up to version 7.4, Apple macOS Big Sur up to version 11.3, Apple Catalina, and Apple tvOS up to version 14.5.
How can I fix CVE-2021-1858?
To fix CVE-2021-1858, update your Apple device to the latest available version of iOS, iPadOS, watchOS, macOS Big Sur, Catalina, or tvOS.
Where can I find more information about CVE-2021-1858?
You can find more information about CVE-2021-1858 on the official Apple support page: [https://support.apple.com/en-us/HT212326](https://support.apple.com/en-us/HT212326).
- agent/first-publish-date
- agent/type
- agent/weakness
- agent/severity
- agent/description
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- collector/apple-support
- agent/software-canonical-lookup-request
- agent/source
- agent/author
- source/Apple
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/apple
- canonical/apple macos
- canonical/tvos
- canonical/macos catalina
- canonical/apple ios, ipados, and watchos
- canonical/ios
- canonical/apple ios and macos
- version/apple ios and macos/10.14
- version/apple ios and macos/10.14.0
- version/apple ios and macos/10.14.1
- version/apple ios and macos/10.14.2
- version/apple ios and macos/10.14.3
- version/apple ios and macos/10.14.4
- version/apple ios and macos/10.14.4-beta4
- version/apple ios and macos/10.14.5
- version/apple ios and macos/10.14.6
- version/apple ios and macos/10.14.6-security_update_2019-001
- version/apple ios and macos/10.14.6-security_update_2019-002
- version/apple ios and macos/10.14.6-security_update_2019-004
- version/apple ios and macos/10.14.6-security_update_2019-005
- version/apple ios and macos/10.14.6-security_update_2019-006
- version/apple ios and macos/10.14.6-security_update_2019-007
- version/apple ios and macos/10.14.6-security_update_2020-001
- version/apple ios and macos/10.14.6-security_update_2020-002
- version/apple ios and macos/10.14.6-security_update_2020-003
- version/apple ios and macos/10.14.6-security_update_2020-004
- version/apple ios and macos/10.14.6-security_update_2020-005
- version/apple ios and macos/10.14.6-security_update_2020-006
- version/apple ios and macos/10.14.6-security_update_2020-007
- version/apple ios and macos/10.14.6-security_update_2021-001
- version/apple ios and macos/10.14.6-security_update_2021-002
- version/apple ios and macos/10.15
- version/apple ios and macos/10.15.1
- version/apple ios and macos/10.15.2
- version/apple ios and macos/10.15.3
- version/apple ios and macos/10.15.4
- version/apple ios and macos/10.15.5
- version/apple ios and macos/10.15.6
- version/apple ios and macos/10.15.6-supplemental_update
- version/apple ios and macos/10.15.7
- version/apple ios and macos/10.15.7-security_update_2020
- version/apple ios and macos/10.15.7-security_update_2020-001
- version/apple ios and macos/10.15.7-security_update_2020-005
- version/apple ios and macos/10.15.7-security_update_2020-007
- version/apple ios and macos/10.15.7-security_update_2021-001
- version/apple ios and macos/11.0