{"api_version":"1","generated_at":"2026-04-23T06:20:12+00:00","cve":"CVE-2021-30770","urls":{"html":"https://cve.report/CVE-2021-30770","api":"https://cve.report/api/cve/CVE-2021-30770.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-30770","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-30770"},"summary":{"title":"CVE-2021-30770","description":"A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.","state":"PUBLIC","assigner":"product-security@apple.com","published_at":"2021-09-08 14:15:00","updated_at":"2021-09-15 18:18:00"},"problem_types":["CWE-287"],"metrics":[],"references":[{"url":"https://support.apple.com/en-us/HT212601","name":"https://support.apple.com/en-us/HT212601","refsource":"MISC","tags":[],"title":"About the security content of iOS 14.7 and iPadOS 14.7 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT212604","name":"https://support.apple.com/en-us/HT212604","refsource":"MISC","tags":[],"title":"About the security content of tvOS 14.7 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT212605","name":"https://support.apple.com/en-us/HT212605","refsource":"MISC","tags":[],"title":"About the security content of watchOS 7.6 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-30770","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30770","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"30770","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"30770","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"tvos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"30770","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"watchos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-30770","qid":"610349","title":"Apple iOS 14.7 and iPadOS 14.7 Security Update Missing"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-30770","ASSIGNER":"product-security@apple.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apple","product":{"product_data":[{"product_name":"iOS","version":{"version_data":[{"version_affected":"<","version_value":"14.7"}]}},{"product_name":"tvOS","version":{"version_data":[{"version_affected":"<","version_value":"14.7"}]}},{"product_name":"watchOS","version":{"version_data":[{"version_affected":"<","version_value":"7.6"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://support.apple.com/en-us/HT212601","name":"https://support.apple.com/en-us/HT212601"},{"refsource":"MISC","url":"https://support.apple.com/en-us/HT212605","name":"https://support.apple.com/en-us/HT212605"},{"refsource":"MISC","url":"https://support.apple.com/en-us/HT212604","name":"https://support.apple.com/en-us/HT212604"}]},"description":{"description_data":[{"lang":"eng","value":"A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations."}]}},"nvd":{"publishedDate":"2021-09-08 14:15:00","lastModifiedDate":"2021-09-15 18:18:00","problem_types":["CWE-287"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:C/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"COMPLETE","availabilityImpact":"NONE","baseScore":4.9},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"7.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","versionEndExcluding":"14.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"14.7","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"30770","Ordinal":"206048","Title":"CVE-2021-30770","CVE":"CVE-2021-30770","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"30770","Ordinal":"1","NoteData":"A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"30770","Ordinal":"2","NoteData":"2021-09-08","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"30770","Ordinal":"3","NoteData":"2021-09-08","Type":"Other","Title":"Modified"}]}}}