Apple iOS/iPadOS up to 11.1 Model IO Remote Code Execution

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Apple iOS and iPadOS up to 11.1 (Smartphone Operating System). It has been declared as critical. Affected by this vulnerability is some unknown processing of the component Model IO. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field04/03/2021 10:33 AM04/08/2021 02:11 PM
vendorAppleApple
nameiOS/iPadOSiOS/iPadOS
version<=11.1<=11.1
componentModel IOModel IO
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcCC
date1612134000 (02/01/2021)1612134000 (02/01/2021)
locationWebsiteWebsite
typeAdvisoryAdvisory
person_nameZhiWei SunZhiWei Sun
disputed00
nameUpgradeUpgrade
date1612134000 (02/01/2021)1612134000 (02/01/2021)
cveCVE-2020-29614CVE-2020-29614
cve_assigned16073820001607382000
cve_nvd_summaryThis issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted file may lead to heap corruption.
typeSmartphone Operating System
cvss2_vuldb_basescore7.5
cvss2_vuldb_tempscore6.5
cvss3_vuldb_basescore6.3
cvss3_vuldb_tempscore6.0
cvss3_meta_basescore6.3
cvss3_meta_tempscore6.0
price_0day$100k and more
price_trend+

Do you want to use VulDB in your project?

Use the official API to access entries easily!