CVE-2021-30777
First published: Wed Jul 21 2021(Updated: )
An injection issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges.
Credit: Tim Michaud @TimGMichaud Zoom Video CommunicationsGary Nield ECSC Group plcTim Michaud @TimGMichaud Zoom Video CommunicationsGary Nield ECSC Group plc product-security@apple.com Tim Michaud @TimGMichaud Zoom Video CommunicationsGary Nield ECSC Group plc
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Big Sur | <11.5 | 11.5 |
| Apple Catalina | ||
| Apple Mojave | ||
| Apple Mac OS X | >=10.14<=10.14.5 | |
| Apple Mac OS X | >=10.15<=10.15.6 | |
| Apple Mac OS X | =10.14.6 | |
| Apple Mac OS X | =10.14.6-security_update_2019-001 | |
| Apple Mac OS X | =10.14.6-security_update_2019-002 | |
| Apple Mac OS X | =10.14.6-security_update_2019-004 | |
| Apple Mac OS X | =10.14.6-security_update_2019-005 | |
| Apple Mac OS X | =10.14.6-security_update_2019-006 | |
| Apple Mac OS X | =10.14.6-security_update_2019-007 | |
| Apple Mac OS X | =10.14.6-security_update_2020-001 | |
| Apple Mac OS X | =10.14.6-security_update_2020-002 | |
| Apple Mac OS X | =10.14.6-security_update_2020-003 | |
| Apple Mac OS X | =10.14.6-security_update_2020-004 | |
| Apple Mac OS X | =10.14.6-security_update_2020-005 | |
| Apple Mac OS X | =10.14.6-security_update_2020-006 | |
| Apple Mac OS X | =10.14.6-security_update_2020-007 | |
| Apple Mac OS X | =10.14.6-security_update_2021-001 | |
| Apple Mac OS X | =10.14.6-security_update_2021-002 | |
| Apple Mac OS X | =10.14.6-security_update_2021-003 | |
| Apple Mac OS X | =10.14.6-security_update_2021-004 | |
| Apple Mac OS X | =10.14.6-supplemental_update | |
| Apple Mac OS X | =10.14.6-supplemental_update_2 | |
| Apple Mac OS X | =10.15.7 | |
| Apple Mac OS X | =10.15.7-security_update_2020 | |
| Apple Mac OS X | =10.15.7-security_update_2020-001 | |
| Apple Mac OS X | =10.15.7-security_update_2020-005 | |
| Apple Mac OS X | =10.15.7-security_update_2020-007 | |
| Apple Mac OS X | =10.15.7-security_update_2021-001 | |
| Apple Mac OS X | =10.15.7-security_update_2021-002 | |
| Apple Mac OS X | =10.15.7-security_update_2021-003 | |
| Apple Mac OS X | =10.15.7-supplemental_update | |
| Apple macOS | >=11.0<11.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT212600 (Advisory)
- https://support.apple.com/en-us/HT212603 (Advisory)
- https://support.apple.com/en-us/HT212602 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-30805
- CVE-2021-30790
- CVE-2021-30811
- CVE-2021-30781
- CVE-2021-30672
- CVE-2021-30775
- CVE-2021-30776
- CVE-2021-30772
- CVE-2021-30777
- CVE-2021-30789
- CVE-2021-30733
- CVE-2021-30774
- CVE-2021-30780
- CVE-2021-30768
- CVE-2021-30760
- CVE-2021-30759
- CVE-2021-30788
- CVE-2021-30785
- CVE-2021-30787
- CVE-2021-30765
- CVE-2021-30766
- CVE-2021-30784
- CVE-2021-30731
- CVE-2021-30703
- CVE-2021-30793
- CVE-2021-30677
- CVE-2021-30783
- CVE-2021-30791
- CVE-2021-30792
- CVE-2021-30796
- CVE-2021-30782
- CVE-2021-30799
- CVE-2021-30871
- CVE-2021-31006
- CVE-2021-30748
- CVE-2021-30786
- CVE-2021-30817
- CVE-2021-30804
- CVE-2021-30803
- CVE-2021-30779
- CVE-2021-30778
- CVE-2021-3518
- CVE-2021-1821
- CVE-2021-31004
- CVE-2021-30798
- CVE-2021-30758
- CVE-2021-30795
- CVE-2021-30797
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2021-30777.
What is the description of this vulnerability?
The vulnerability is an injection issue in CoreStorage that has been addressed with improved validation.
Which software versions are affected by this vulnerability?
The affected software versions are Apple Mojave, Apple Catalina, and Apple macOS Big Sur up to version 11.5.
How can I fix this vulnerability?
To fix this vulnerability, update your Apple Mojave, Apple Catalina, or Apple macOS Big Sur to version 11.5 or later.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the following Apple support pages: [Apple Support Page 1](https://support.apple.com/en-us/HT212600), [Apple Support Page 2](https://support.apple.com/en-us/HT212602), [Apple Support Page 3](https://support.apple.com/en-us/HT212603).
- collector/apple-support
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/event
- agent/description
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/software-canonical-lookup-request
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple catalina
- canonical/apple mojave
- canonical/apple mac os x
- version/apple mac os x/10.14
- version/apple mac os x/10.14.5
- version/apple mac os x/10.15
- version/apple mac os x/10.15.6
- version/apple mac os x/10.14.6
- version/apple mac os x/10.14.6-security_update_2019-001
- version/apple mac os x/10.14.6-security_update_2019-002
- version/apple mac os x/10.14.6-security_update_2019-004
- version/apple mac os x/10.14.6-security_update_2019-005
- version/apple mac os x/10.14.6-security_update_2019-006
- version/apple mac os x/10.14.6-security_update_2019-007
- version/apple mac os x/10.14.6-security_update_2020-001
- version/apple mac os x/10.14.6-security_update_2020-002
- version/apple mac os x/10.14.6-security_update_2020-003
- version/apple mac os x/10.14.6-security_update_2020-004
- version/apple mac os x/10.14.6-security_update_2020-005
- version/apple mac os x/10.14.6-security_update_2020-006
- version/apple mac os x/10.14.6-security_update_2020-007
- version/apple mac os x/10.14.6-security_update_2021-001
- version/apple mac os x/10.14.6-security_update_2021-002
- version/apple mac os x/10.14.6-security_update_2021-003
- version/apple mac os x/10.14.6-security_update_2021-004
- version/apple mac os x/10.14.6-supplemental_update
- version/apple mac os x/10.14.6-supplemental_update_2
- version/apple mac os x/10.15.7
- version/apple mac os x/10.15.7-security_update_2020
- version/apple mac os x/10.15.7-security_update_2020-001
- version/apple mac os x/10.15.7-security_update_2020-005
- version/apple mac os x/10.15.7-security_update_2020-007
- version/apple mac os x/10.15.7-security_update_2021-001
- version/apple mac os x/10.15.7-security_update_2021-002
- version/apple mac os x/10.15.7-security_update_2021-003
- version/apple mac os x/10.15.7-supplemental_update
- canonical/apple macos
- version/apple macos/11.0
- canonical/apple macos big sur