What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2021-30731.

What is the title of this vulnerability?

The title of this vulnerability is IOUSBHostFamily.

What is the description of this vulnerability?

This vulnerability in IOUSBHostFamily allows an unprivileged application to capture USB devices.

Which software is affected by this vulnerability?

The affected software includes Apple Catalina and Apple macOS Big Sur (up to version 11.4).

How can this vulnerability be addressed?

This vulnerability has been addressed with improved checks in the IOUSBHostFamily.

Vulnerability/
CVE-2021-30731

medium

5.5

24/5/2021

8/9/2021

3/8/2024

CVE-2021-30731

First published: Mon May 24 2021(Updated: )

IOUSBHostFamily. An unprivileged application may be able to capture USB devices.

Credit: UTM @UTMapp product-security@apple.com UTM @UTMapp

Affected Software	Affected Version	How to fix
Apple macOS Big Sur	<11.4	11.4
Apple Catalina
Apple Mac OS X	>=10.15<=10.15.6
Apple Mac OS X	=10.15.7
Apple Mac OS X	=10.15.7-security_update_2020
Apple Mac OS X	=10.15.7-security_update_2020-001
Apple Mac OS X	=10.15.7-security_update_2020-005
Apple Mac OS X	=10.15.7-security_update_2020-007
Apple Mac OS X	=10.15.7-security_update_2021-001
Apple Mac OS X	=10.15.7-security_update_2021-002
Apple Mac OS X	=10.15.7-security_update_2021-003
Apple Mac OS X	=10.15.7-supplemental_update
Apple macOS	>=11.0.1<11.4

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT212600 (Advisory)
https://support.apple.com/en-us/HT212529 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2021-30805
CVE-2021-30790
CVE-2021-30811
CVE-2021-30781
CVE-2021-30672
CVE-2021-30775
CVE-2021-30776
CVE-2021-30772
CVE-2021-30777
CVE-2021-30789
CVE-2021-30733
CVE-2021-30774
CVE-2021-30780
CVE-2021-30768
CVE-2021-30760
CVE-2021-30759
CVE-2021-30788
CVE-2021-30785
CVE-2021-30787
CVE-2021-30765
CVE-2021-30766
CVE-2021-30784
CVE-2021-30731
CVE-2021-30703
CVE-2021-30793
CVE-2021-30677
CVE-2021-30783
CVE-2021-30791
CVE-2021-30792
CVE-2021-30796
CVE-2021-30782
CVE-2021-30799
CVE-2021-30678
CVE-2021-30676
CVE-2021-30688
CVE-2021-30669
CVE-2021-30707
CVE-2021-30685
CVE-2021-30681
CVE-2021-30686
CVE-2021-30753
CVE-2021-30727
CVE-2021-30724
CVE-2021-30673
CVE-2021-30771
CVE-2021-30755
CVE-2021-30684
CVE-2021-30735
CVE-2021-30697
CVE-2021-30710
CVE-2021-30683
CVE-2021-30687
CVE-2021-30700
CVE-2021-30701
CVE-2021-30705
CVE-2021-30706
CVE-2021-30719
CVE-2021-30728
CVE-2021-30726
CVE-2021-30740
CVE-2021-30704
CVE-2021-30715
CVE-2021-30736
CVE-2021-30739
CVE-2021-30680
CVE-2021-30702
CVE-2021-30696
CVE-2021-30756
CVE-2021-30723
CVE-2021-30691
CVE-2021-30692
CVE-2021-30694
CVE-2021-30725
CVE-2021-30746
CVE-2021-30693
CVE-2021-30695
CVE-2021-30708
CVE-2021-30709
CVE-2021-30679
CVE-2020-36226
CVE-2020-36227
CVE-2020-36223
CVE-2020-36224
CVE-2020-36225
CVE-2020-36221
CVE-2020-36228
CVE-2020-36222
CVE-2020-36230
CVE-2020-36229
CVE-2021-30738
CVE-2021-30751
CVE-2021-30737
CVE-2021-30716
CVE-2021-30717
CVE-2021-30721
CVE-2021-30722
CVE-2021-30712
CVE-2021-30668
CVE-2021-30718
CVE-2021-30671
CVE-2021-30713
CVE-2021-30744
CVE-2021-21779
CVE-2021-30682
CVE-2021-30689
CVE-2021-30749
CVE-2021-30734
CVE-2021-30720
CVE-2021-23841
CVE-2021-30698

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2021-30731.
What is the title of this vulnerability?
The title of this vulnerability is IOUSBHostFamily.
What is the description of this vulnerability?
This vulnerability in IOUSBHostFamily allows an unprivileged application to capture USB devices.
Which software is affected by this vulnerability?
The affected software includes Apple Catalina and Apple macOS Big Sur (up to version 11.4).
How can this vulnerability be addressed?
This vulnerability has been addressed with improved checks in the IOUSBHostFamily.

collector/apple-support
collector/nvd-index
agent/author
agent/references
agent/severity
agent/type
agent/description
agent/event
agent/software-canonical-lookup-request
agent/softwarecombine
agent/last-modified-date
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/apple
canonical/apple catalina
canonical/apple mac os x
version/apple mac os x/10.15
version/apple mac os x/10.15.6
version/apple mac os x/10.15.7
version/apple mac os x/10.15.7-security_update_2020
version/apple mac os x/10.15.7-security_update_2020-001
version/apple mac os x/10.15.7-security_update_2020-005
version/apple mac os x/10.15.7-security_update_2020-007
version/apple mac os x/10.15.7-security_update_2021-001
version/apple mac os x/10.15.7-security_update_2021-002
version/apple mac os x/10.15.7-security_update_2021-003
version/apple mac os x/10.15.7-supplemental_update
canonical/apple macos
version/apple macos/11.0.1
canonical/apple macos big sur