CVE-2021-30655

An application may be able to execute arbitrary code with system privileges. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. The issue was addressed with improved permissions logic.

Affected Software

Name	Vendor	Start Version	End Version
Mac_os_x	Apple	10.15 (including)	10.15.5 (including)
Mac_os_x	Apple	10.15.6 (including)	10.15.6 (including)
Mac_os_x	Apple	10.15.6-supplemental_update (including)	10.15.6-supplemental_update (including)
Mac_os_x	Apple	10.15.7 (including)	10.15.7 (including)
Mac_os_x	Apple	10.15.7-security_update_2020 (including)	10.15.7-security_update_2020 (including)
Mac_os_x	Apple	10.15.7-security_update_2020-001 (including)	10.15.7-security_update_2020-001 (including)
Mac_os_x	Apple	10.15.7-security_update_2020-005 (including)	10.15.7-security_update_2020-005 (including)
Mac_os_x	Apple	10.15.7-security_update_2020-007 (including)	10.15.7-security_update_2020-007 (including)
Mac_os_x	Apple	10.15.7-security_update_2021-001 (including)	10.15.7-security_update_2021-001 (including)
Mac_os_x	Apple	10.15.7-supplemental_update (including)	10.15.7-supplemental_update (including)
Macos	Apple	11.0 (including)	11.3 (excluding)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-30655
CWE	https://cwe.mitre.org/data/definitions/.html

Affected Software

References