Rewterz Threat Alert – Kimsuky APT Group – Active IOCs
February 16, 2022Rewterz Threat Advisory – Trend Micro Apex One and Antivirus for Mac Vulnerabilities
February 17, 2022Rewterz Threat Alert – Kimsuky APT Group – Active IOCs
February 16, 2022Rewterz Threat Advisory – Trend Micro Apex One and Antivirus for Mac Vulnerabilities
February 17, 2022Severity
High
Analysis Summary
CVE-2021-30771
Apple macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write issue in the FontParser component. By persuading a victim to open a specially-crafted TTF Font file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
CVE-2021-30928
Apple macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption issue in the CoreGraphics component. By persuading a victim to open a specially-crafted PDF file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2021-30771
- CVE-2021-30928
Affected Vendors
- Apple
- Apple iOS
- Apple iPadOS
Affected Products
- Apple macOS Big Sur 11.3.0
- Apple macOS Big Sur 11.5.0
Remediation
Refer to Apple security document for patch, upgrade or suggested workaround information.
CVE-2021-30771