New Weaponized Big Sur Vulnerability

New Weaponized Big Sur Vulnerability

New Critical Big Sur Vulnerability

Apple has published security updates for macOS Big Sur, iOS, iPadOS and watchOS.  In total, four vulnerabilities are addressed in the updates, all of which are reported as being actively weaponized in the wild.

Apple has published security updates which take macOS Big Sur to 11.3.1, iOS (for older devices) to 12.5.3, iOS and iPadOS to 14.5.1, and watchOS to 7.4.1. In total, four vulnerabilities are addressed in the updates, one of which is common to all updates. All four vulnerabilities are WebKit issues and are all reported as being actively exploited in the wild. All four vulnerabilities, if successfully exploited, could potentially allow a remote attacker to execute arbitrary code.

Vulnerability Details

  • CVSS Score: 8.8
  • Attack Vector: Network
  • Attack Complexity:  Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged

CVEs

  • CVE-2021-30661
  • CVE-2021-30663
  • CVE-2021-30665
  • CVE-2021-30666

Recommendations: Apply applicable patches, updates, or workarounds as necessary.

Start Your Free Trial of Syxsense

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Recent Posts

Topics

Related Posts

Previewing RSA Conference 2024: Top Security Themes

Previewing RSA Conference 2024: Top Security Themes

April 15, 2024
April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 9, 2024
Unified Endpoint Management (UEM): What’s your flavor?

Unified Endpoint Management (UEM): What’s your flavor?

March 29, 2024
Automating Patch and Vulnerability Management for Compliance Success

Automating Patch and Vulnerability Management for Compliance Success

March 21, 2024