Rewterz Threat Advisory – Multiple Apple macOS Big Sur Vulnerabilities

Rewterz Threat Alert – Kimsuky APT Group – Active IOCs

February 16, 2022

Rewterz Threat Advisory – Trend Micro Apex One and Antivirus for Mac Vulnerabilities

February 17, 2022

Rewterz Threat Advisory – Multiple Apple macOS Big Sur Vulnerabilities

Severity

High

Analysis Summary

CVE-2021-30771

Apple macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write issue in the FontParser component. By persuading a victim to open a specially-crafted TTF Font file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.

CVE-2021-30928

Apple macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption issue in the CoreGraphics component. By persuading a victim to open a specially-crafted PDF file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.

Impact

Code Execution

Indicators of Compromise

CVE

CVE-2021-30771
CVE-2021-30928

Affected Vendors

Apple
Apple iOS
Apple iPadOS

Affected Products

Apple macOS Big Sur 11.3.0
Apple macOS Big Sur 11.5.0

Remediation

Refer to Apple security document for patch, upgrade or suggested workaround information.

CVE-2021-30771

https://support.apple.com/en-us/HT212529CVE-2021-30928

https://support.apple.com/en-us/HT212804

Rewterz Threat Alert – Kimsuky APT Group – Active IOCs

Rewterz Threat Advisory – Trend Micro Apex One and Antivirus for Mac Vulnerabilities

Rewterz Threat Advisory – Multiple Apple macOS Big Sur Vulnerabilities

Severity

Analysis Summary

CVE-2021-30771

CVE-2021-30928

Impact

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan