What is CVE-2021-30892?

CVE-2021-30892 is a vulnerability in zsh that allows for an inherited permissions issue.

What software is affected by CVE-2021-30892?

CVE-2021-30892 affects Apple Catalina, Apple macOS Big Sur (up to version 11.6.1), and Apple macOS Monterey (up to version 12.0.1).

How was CVE-2021-30892 addressed?

CVE-2021-30892 was addressed by adding additional restrictions to resolve the inherited permissions issue.

Where can I find more information about CVE-2021-30892?

You can find more information about CVE-2021-30892 on the following Apple support pages: [link](https://support.apple.com/en-us/HT212871), [link](https://support.apple.com/en-us/HT212872), [link](https://support.apple.com/en-us/HT212869).

How do I fix CVE-2021-30892?

To fix CVE-2021-30892, update your Apple software to the latest available version, such as macOS Big Sur version 11.6.1 or macOS Monterey version 12.0.1.

Vulnerability/
CVE-2021-30892

medium

5.5

CWE

732

24/8/2021

3/8/2024

CVE-2021-30892

First published: Tue Aug 24 2021(Updated: )

An inherited permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to modify protected parts of the file system.

Credit: Jonathan Bar Or MicrosoftJonathan Bar Or Microsoft cve@mitre.org Jonathan Bar Or Microsoft

Affected Software	Affected Version	How to fix
Apple macOS Big Sur	<11.6.1	11.6.1
Apple macOS Monterey	<12.0.1	12.0.1
Apple Catalina
Apple Mac OS X	<10.15.7
Apple Mac OS X	=10.15.7
Apple Mac OS X	=10.15.7-security_update_2020-001
Apple Mac OS X	=10.15.7-security_update_2021-001
Apple Mac OS X	=10.15.7-security_update_2021-002
Apple Mac OS X	=10.15.7-security_update_2021-003
Apple Mac OS X	=10.15.7-security_update_2021-004
Apple Mac OS X	=10.15.7-security_update_2021-005
Apple Mac OS X	=10.15.7-security_update_2021-006
Apple Mac OS X	=10.15.7-supplemental_update
Apple macOS	>=11.0<11.6.1
Apple macOS	=12.0

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT212869 (Advisory)
https://support.apple.com/en-us/HT212871 (Advisory)
https://support.apple.com/en-us/HT212872 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2021-30873
CVE-2021-30876
CVE-2021-30879
CVE-2021-30877
CVE-2021-30880
CVE-2021-30994
CVE-2021-30907
CVE-2021-30899
CVE-2021-30931
CVE-2021-30866
CVE-2021-30917
CVE-2021-30903
CVE-2021-30905
CVE-2021-30919
CVE-2020-9846
CVE-2021-30881
CVE-2021-30923
CVE-2021-30831
CVE-2021-30840
CVE-2021-30852
CVE-2021-30895
CVE-2021-30896
CVE-2021-30933
CVE-2021-30906
CVE-2021-30867
CVE-2021-30814
CVE-2021-30922
CVE-2021-30824
CVE-2021-30901
CVE-2021-30821
CVE-2021-30883
CVE-2021-30924
CVE-2021-30886
CVE-2021-30909
CVE-2021-30916
CVE-2021-30864
CVE-2021-30813
CVE-2021-31011
CVE-2021-30904
CVE-2021-30910
CVE-2021-30911
CVE-2021-30874
CVE-2021-30808
CVE-2021-30920
CVE-2021-31004
CVE-2021-31002
CVE-2021-30868
CVE-2021-30912
CVE-2021-30913
CVE-2021-30915
CVE-2021-31005
CVE-2021-31008
CVE-2021-30897
CVE-2021-30884
CVE-2021-30818
CVE-2021-30836
CVE-2021-30846
CVE-2021-30849
CVE-2021-30848
CVE-2021-30851
CVE-2021-30809
CVE-2021-30823
CVE-2021-30887
CVE-2021-30888
CVE-2021-30889
CVE-2021-30861
CVE-2021-30890
CVE-2021-30930
CVE-2021-30908
CVE-2021-30833
CVE-2021-30892
CVE-2021-30926
CVE-2021-30834
CVE-2021-30844
CVE-2021-30900

Frequently Asked Questions

What is CVE-2021-30892?
CVE-2021-30892 is a vulnerability in zsh that allows for an inherited permissions issue.
What software is affected by CVE-2021-30892?
CVE-2021-30892 affects Apple Catalina, Apple macOS Big Sur (up to version 11.6.1), and Apple macOS Monterey (up to version 12.0.1).
How was CVE-2021-30892 addressed?
CVE-2021-30892 was addressed by adding additional restrictions to resolve the inherited permissions issue.
Where can I find more information about CVE-2021-30892?
You can find more information about CVE-2021-30892 on the following Apple support pages: [link](https://support.apple.com/en-us/HT212871), [link](https://support.apple.com/en-us/HT212872), [link](https://support.apple.com/en-us/HT212869).
How do I fix CVE-2021-30892?
To fix CVE-2021-30892, update your Apple software to the latest available version, such as macOS Big Sur version 11.6.1 or macOS Monterey version 12.0.1.

collector/apple-support
collector/nvd-index
agent/type
agent/softwarecombine
agent/software-canonical-lookup-request
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/severity
agent/last-modified-date
agent/weakness
agent/tags
agent/first-publish-date
agent/event
agent/description
agent/trending
vendor/apple
canonical/apple macos monterey
canonical/apple catalina
canonical/apple mac os x
version/apple mac os x/10.15.7
version/apple mac os x/10.15.7-security_update_2020-001
version/apple mac os x/10.15.7-security_update_2021-001
version/apple mac os x/10.15.7-security_update_2021-002
version/apple mac os x/10.15.7-security_update_2021-003
version/apple mac os x/10.15.7-security_update_2021-004
version/apple mac os x/10.15.7-security_update_2021-005
version/apple mac os x/10.15.7-security_update_2021-006
version/apple mac os x/10.15.7-supplemental_update
canonical/apple macos
version/apple macos/11.0
version/apple macos/12.0
canonical/apple macos big sur