What is the vulnerability ID?

The vulnerability ID is CVE-2021-31007.

What is the title of the vulnerability?

The title of the vulnerability is FileProvider.

What is the description of the vulnerability?

The description of the vulnerability is: A permissions issue was addressed with improved validation.

Which software is affected by this vulnerability?

The software affected by this vulnerability include: Apple iOS up to version 15.1, Apple iPadOS up to version 15.1, Apple macOS Monterey up to version 12.1, Apple watchOS up to version 8.1, and Apple tvOS up to version 15.1.

How can I fix this vulnerability?

To fix this vulnerability, update your software to the latest version provided by Apple. Refer to the official Apple support page for more information.

Vulnerability/
CVE-2021-31007

medium

5.5

CWE

276

24/8/2021

3/8/2024

CVE-2021-31007

First published: Tue Aug 24 2021(Updated: )

Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, macOS Monterey 12.1. A malicious application may be able to bypass Privacy preferences.

Credit: Csaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive Security cve@mitre.org

Affected Software	Affected Version	How to fix
Apple macOS Monterey	<12.1	12.1
Apple watchOS	<8.1	8.1
Apple tvOS	<15.1	15.1
Apple iPadOS	<15.1
Apple iPhone OS	<15.1
Apple macOS	>=11.0<11.6.2
Apple macOS	>=12.0.0<12.1
Apple tvOS	<15.1
Apple watchOS	<8.1
Apple iOS	<15.1	15.1
Apple iPadOS	<15.1	15.1
Apple macOS	<11.6.2	11.6.2

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT212867 (Advisory)
https://support.apple.com/en-us/HT212874 (Advisory)
https://support.apple.com/en-us/HT212876 (Advisory)
https://support.apple.com/en-us/HT212978 (Advisory)
https://support.apple.com/en-us/HT212979 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2021-30987
CVE-2021-30950
CVE-2021-30960
CVE-2021-30986
CVE-2021-30966
CVE-2021-30926
CVE-2021-30942
CVE-2021-30957
CVE-2021-30958
CVE-2021-30935
CVE-2021-30945
CVE-2021-31007
CVE-2021-31013
CVE-2021-31000
CVE-2021-30977
CVE-2021-30939
CVE-2021-30981
CVE-2021-30996
CVE-2021-30982
CVE-2021-30937
CVE-2021-30927
CVE-2021-30980
CVE-2021-30949
CVE-2021-30993
CVE-2021-30955
CVE-2021-30976
CVE-2021-30990
CVE-2021-30943
CVE-2021-31009
CVE-2021-30971
CVE-2021-30973
CVE-2021-30929
CVE-2021-30979
CVE-2021-30940
CVE-2021-30941
CVE-2021-30995
CVE-2021-30968
CVE-2021-30946
CVE-2021-30947
CVE-2021-30975
CVE-2021-30944
CVE-2021-30972
CVE-2021-30767
CVE-2021-30964
CVE-2021-30970
CVE-2021-30965
CVE-2021-30934
CVE-2021-30936
CVE-2021-30951
CVE-2021-30952
CVE-2021-30984
CVE-2021-30953
CVE-2021-30954
CVE-2021-30938
CVE-2021-30907
CVE-2021-30917
CVE-2021-30903
CVE-2021-30905
CVE-2021-30919
CVE-2021-30881
CVE-2021-30895
CVE-2021-30896
CVE-2021-30906
CVE-2021-30883
CVE-2021-30924
CVE-2021-30886
CVE-2021-30909
CVE-2021-30915
CVE-2021-31008
CVE-2021-30887
CVE-2021-30888
CVE-2021-30889
CVE-2021-30890
CVE-2021-30894
CVE-2021-30910
CVE-2021-30923
CVE-2021-30900
CVE-2021-30914
CVE-2021-30916
CVE-2021-30911
CVE-2021-30875
CVE-2021-30902
CVE-2021-30931
CVE-2021-30962
CVE-2021-30959
CVE-2021-30961
CVE-2021-30963
CVE-2021-30969
CVE-2021-31002

Frequently Asked Questions

What is the vulnerability ID?
The vulnerability ID is CVE-2021-31007.
What is the title of the vulnerability?
The title of the vulnerability is FileProvider.
What is the description of the vulnerability?
The description of the vulnerability is: A permissions issue was addressed with improved validation.
Which software is affected by this vulnerability?
The software affected by this vulnerability include: Apple iOS up to version 15.1, Apple iPadOS up to version 15.1, Apple macOS Monterey up to version 12.1, Apple watchOS up to version 8.1, and Apple tvOS up to version 15.1.
How can I fix this vulnerability?
To fix this vulnerability, update your software to the latest version provided by Apple. Refer to the official Apple support page for more information.

collector/apple-support
agent/type
agent/softwarecombine
agent/software-canonical-lookup-request
collector/nvd-index
agent/references
agent/weakness
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/trending
agent/source
agent/tags
vendor/apple
canonical/apple macos monterey
canonical/apple watchos
canonical/apple tvos
canonical/apple ipados
canonical/apple iphone os
canonical/apple macos
version/apple macos/11.0
version/apple macos/12.0.0
canonical/apple ios