Rewterz Threat Advisory – CVE-2021-32930; CVE-2021-32932 – ICS: Advantech iView
June 4, 2021Rewterz Threat Alert – Kimsuky APT group – IOCs
June 4, 2021Rewterz Threat Advisory – CVE-2021-32930; CVE-2021-32932 – ICS: Advantech iView
June 4, 2021Rewterz Threat Alert – Kimsuky APT group – IOCs
June 4, 2021Severity
Medium
Analysis Summary
CVE-2021-1838
Apple macOS, iOS, and iPadOS could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the ImageIO framework. By persuading a victim to open a specially crafted content, an attacker could exploit this vulnerability to read past the end of an allocated data structure and use this information to launch further attacks against the affected system.
Impact
- A remote attacker may be able to initiate a denial of service condition.
- Information disclosure may occur due to the vulnerability.
Affected Vendors
Apple
Affected Products
- Apple macOS Catalina 10.14
- Apple iPadOS 14.3
- Apple iOS 14.3
Remediation
Refer to Apple security document HT212146 for the patch, upgrade, or suggested workaround information. https://www.zerodayinitiative.com/advisories/ZDI-21-617/