CVE-2021-30762
Published: 08 September 2021
Summary
CVE-2021-30762 is a high-severity Use After Free (CWE-416) vulnerability in Apple iPhone OS. Its CVSS base score is 8.8 (High).
Operationally, it ranks at the 14.7th percentile by exploit likelihood (below the median); CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
A use-after-free vulnerability, tracked as CVE-2021-30762 and assigned CWE-416, affects iOS prior to version 12.5.4. The flaw resides in the handling of web content and was resolved through improved memory management. Successful exploitation can result in arbitrary code execution, as reflected in its CVSS 3.1 score of 8.8.
An unauthenticated remote attacker can trigger the issue by supplying maliciously crafted web content that a user visits or renders. The attack requires no privileges, only user interaction, and can lead to full compromise of the affected device.
Apple's advisory HT212548 states that the vulnerability is fixed in iOS 12.5.4, and CISA includes the CVE in its catalog of known exploited vulnerabilities. Applying the patch is the primary mitigation.
Apple has reported that the issue may have been actively exploited in the wild.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-17679
Vulnerability details
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- CWE(s): CWE-416
- KEV Date Added: 03 November 2021
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): Directly requires timely application of the iOS 12.5.4 patch that resolves the use-after-free flaw before exploitation occurs.
- SI-16 (Memory Protection): Mandates memory-protection mechanisms that would have blocked the use-after-free condition during malicious web-content processing.
- SI-3 (Malicious Code Protection): Requires malicious-code detection and blocking capabilities that can intercept crafted web content used to trigger the vulnerability.