Rewterz

Rewterz Threat Advisory –Multiple Palo Alto Security Vulnerabilities

August 12, 2021
Rewterz

Rewterz Threat Alert –Sodinokibi Ransomware – Active IOCs

August 12, 2021

Rewterz Threat Advisory –CVE-2021-30789 – Apple macOS Security Vulnerability

Severity

Low

Analysis Summary

CVE-2021-30789

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreText library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. A specific flaw exists within the parsing of TTF fonts. Crafted data in a TTF font can trigger a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.

Impact

  • Information Disclosure
  • Code Execution

Affected Vendors

Apple

Affected Products

  • macOS

Remediation

Apple has issued an update to correct this vulnerability. More details can be found at:

https://support.apple.com/en-us/HT212602

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.