First published: Tue Aug 24 2021(Updated: )
A S/MIME issue existed in the handling of encrypted email. This issue was addressed by not automatically loading some MIME parts. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker may be able to recover plaintext contents of an S/MIME-encrypted e-mail.
Credit: Damian Poddebniak MChristian Dresen MJens Müller Ruhr University BochumFabian Ising MSebastian Schinzel MSimon Friedberger KU LeuvenJuraj Somorovsky Ruhr University BochumJörg Schwenk Ruhr University Bochum cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS | <15.2 | 15.2 |
Apple iPadOS | <15.2 | 15.2 |
Apple iPadOS | <15.2 | |
Apple iPhone OS | <15.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2021-30997 is a vulnerability in Apple iOS and iPadOS that allows for an S/MIME issue in the handling of encrypted email.
CVE-2021-30997 affects Apple iOS and iPadOS versions up to and including 15.2.
The severity of CVE-2021-30997 is not specified.
CVE-2021-30997 can be fixed by updating Apple iOS and iPadOS to version 15.3 or later.
More information about CVE-2021-30997 can be found at the following reference link: [Apple Support](https://support.apple.com/en-us/HT212976)