What is CVE-2021-30807 vulnerability?

CVE-2021-30807 is a memory corruption issue in Apple Multiple Products that allows an application to execute arbitrary code with kernel privileges.

Which Apple products are affected by CVE-2021-30807?

Apple iOS, iPadOS, macOS, and watchOS are affected by CVE-2021-30807.

What is the severity of CVE-2021-30807?

CVE-2021-30807 has a severity rating of 7.8 (critical).

How can I fix CVE-2021-30807 vulnerability?

To fix CVE-2021-30807, update your software to the fixed versions: macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1.

Where can I find more information about CVE-2021-30807?

You can find more information about CVE-2021-30807 on Apple's website: [support.apple.com](https://support.apple.com/en-us/HT212622) and [support.apple.com](https://support.apple.com/en-us/HT212623), [support.apple.com](https://support.apple.com/en-us/HT212713).

Vulnerability/
CVE-2021-30807

Exploited

critical

9.3

CWE

787

26/7/2021

19/10/2021

21/11/2024

CVE-2021-30807: Apple Multiple Products Memory Corruption Vulnerability

First published: Mon Jul 26 2021(Updated: )

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Credit: an anonymous researcher an anonymous researcher an anonymous researcher product-security@apple.com product-security@apple.com product-security@apple.com

Affected Software	Affected Version	How to fix
Apple watchOS	<7.6.1	7.6.1
Apple iOS	<14.7.1	14.7.1
Apple iPadOS	<14.7.1	14.7.1
Apple Ipad Os	<14.7.1
Apple iPhone OS	<14.7.1
Apple macOS	<11.5.1
Apple watchOS	<7.6.1
Apple Multiple Products
Apple macOS	<11.5.1	11.5.1

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT212622 (Advisory)
https://support.apple.com/en-us/HT212713 (Advisory)
https://support.apple.com/en-us/HT212623 (Advisory)
https://nvd.nist.gov/vuln/detail/CVE-2021-30807

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2021-30807

Frequently Asked Questions

What is CVE-2021-30807 vulnerability?
CVE-2021-30807 is a memory corruption issue in Apple Multiple Products that allows an application to execute arbitrary code with kernel privileges.
Which Apple products are affected by CVE-2021-30807?
Apple iOS, iPadOS, macOS, and watchOS are affected by CVE-2021-30807.
What is the severity of CVE-2021-30807?
CVE-2021-30807 has a severity rating of 7.8 (critical).
How can I fix CVE-2021-30807 vulnerability?
To fix CVE-2021-30807, update your software to the fixed versions: macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1.
Where can I find more information about CVE-2021-30807?
You can find more information about CVE-2021-30807 on Apple's website: [support.apple.com](https://support.apple.com/en-us/HT212622) and [support.apple.com](https://support.apple.com/en-us/HT212623), [support.apple.com](https://support.apple.com/en-us/HT212713).

agent/type
agent/first-publish-date
collector/apple-support
agent/software-canonical-lookup-request
agent/title
agent/severity
agent/weakness
agent/description
collector/nvd-api
collector/nvd-index
collector/mitre-cve
source/MITRE
exploited/true
collector/cisa-known-exploited
source/CISA
agent/software-canonical-lookup
agent/references
agent/author
agent/event
agent/last-modified-date
agent/trending
collector/nvd-cve
source/NVD
agent/tags
agent/softwarecombine
agent/source
vendor/apple
canonical/apple watchos
canonical/apple ios
canonical/apple ipados
canonical/apple ipad os
canonical/apple iphone os
canonical/apple macos
canonical/apple multiple products