Request a Demo
Rewterz
Rewterz Threat Alert – Kimsuky APT Group – Active IOCs
February 16, 2022
Rewterz
Rewterz Threat Advisory – Trend Micro Apex One and Antivirus for Mac Vulnerabilities
February 17, 2022

Rewterz Threat Advisory – Multiple Apple macOS Big Sur Vulnerabilities

Severity

High

Analysis Summary

CVE-2021-30771 

Apple macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write issue in the FontParser component. By persuading a victim to open a specially-crafted TTF Font file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.

CVE-2021-30928 

Apple macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption issue in the CoreGraphics component. By persuading a victim to open a specially-crafted PDF file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.

Impact

  • Code Execution

Indicators of Compromise

CVE

  • CVE-2021-30771
  • CVE-2021-30928

Affected Vendors

  • Apple
  • Apple iOS
  • Apple iPadOS

Affected Products

  • Apple macOS Big Sur 11.3.0
  • Apple macOS Big Sur 11.5.0

Remediation

Refer to Apple security document for patch, upgrade or suggested workaround information.

CVE-2021-30771

https://support.apple.com/en-us/HT212529CVE-2021-30928
https://support.apple.com/en-us/HT212804