CVE-2021-30753 Information

Description

Processing a maliciously crafted font may result in the disclosure of process memory. This issue is fixed in macOS Big Sur 11.4 tvOS 14.6 watchOS 7.5 iOS 14.6 and iPadOS 14.6. An out-of-bounds read was addressed with improved input validation.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Reference

https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.5