Cyber Resilience

CVE-2021-30883

HighCISA KEVActive ExploitationEUVD Exploited

Published: 24 August 2021

Published
24 August 2021
Modified
23 October 2025
KEV Added
23 May 2022
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0043 62.7th percentile
Risk Priority 36 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-30883 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Apple Ipados. Its CVSS base score is 7.8 (High).

Operationally, ranked in the top 37.3% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

A memory corruption vulnerability, tracked as CVE-2021-30883 and assigned CWE-787, was present in multiple Apple operating systems. The flaw stems from improper memory handling that could be triggered by an application, and it affects iOS and iPadOS prior to 15.0.2 and 14.8.1, macOS Monterey prior to 12.0.1, macOS Big Sur prior to 11.6.1, tvOS prior to 15.1, and watchOS prior to 8.1. The issue received a CVSS v3.1 score of 7.8.

An attacker who can supply a malicious application or document may exploit the flaw to achieve arbitrary code execution with kernel privileges. The attack vector is local and requires user interaction but no prior authentication, allowing a crafted file or app opened by the victim to compromise the system at the highest privilege level.

Apple has released security updates that address the vulnerability through improved memory handling. The fixes are documented in the vendor advisories available at the referenced support pages for each affected platform, and users are advised to install the updates for iOS 15.0.2, iPadOS 15.0.2, macOS Monterey 12.0.1, iOS 14.8.1, iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, and macOS Big Sur 11.6.1.

Apple has stated that it is aware of reports indicating the vulnerability may have been actively exploited in the wild prior to patching.

EU & UK References

Vulnerability details

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. An application may be…

more

able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

CWE(s)
KEV Date Added
23 May 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

apple
ipados
≤ 14.8.1 · 15.0 — 15.0.2
apple
iphone os
≤ 14.8.1 · 15.0 — 15.0.2
apple
macos
12.0 · 11.0 — 11.6.1
apple
tvos
≤ 15.1
apple
watchos
≤ 8.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires memory protection mechanisms that would have blocked the out-of-bounds write and resulting kernel-level code execution.

prevent

Mandates timely application of the vendor patches that corrected the memory-handling flaw in all listed Apple platforms.

detect

Requires integrity verification of software/firmware that can detect unauthorized modifications resulting from successful exploitation of the memory corruption.

References