Apple iOS/iPadOS ImageIO Remote Code Execution

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in Apple iOS and iPadOS (Smartphone Operating System) (version unknown). Affected is an unknown code of the component ImageIO. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field04/03/2021 11:27 AM04/08/2021 05:54 PM
vendorAppleApple
nameiOS/iPadOSiOS/iPadOS
componentImageIOImageIO
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcCC
date1612134000 (02/01/2021)1612134000 (02/01/2021)
locationWebsiteWebsite
typeAdvisoryAdvisory
person_nameXingwei LinXingwei Lin
disputed00
nameUpgradeUpgrade
date1612134000 (02/01/2021)1612134000 (02/01/2021)
cveCVE-2021-1742CVE-2021-1742
cve_assigned16073820001607382000
cve_nvd_summaryThis issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.
typeSmartphone Operating System
cvss2_vuldb_basescore7.5
cvss2_vuldb_tempscore6.5
cvss3_vuldb_basescore6.3
cvss3_vuldb_tempscore6.0
cvss3_meta_basescore6.3
cvss3_meta_tempscore6.0
price_0day$100k and more
price_trend+

Do you want to use VulDB in your project?

Use the official API to access entries easily!