CVE-2021-30827

A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges.

Weakness

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

Affected Software

Name	Vendor	Start Version	End Version
Mac_os_x	Apple	10.15 (including)	10.15.6 (including)
Mac_os_x	Apple	10.15.7 (including)	10.15.7 (including)
Mac_os_x	Apple	10.15.7-security_update_2020 (including)	10.15.7-security_update_2020 (including)
Mac_os_x	Apple	10.15.7-security_update_2020-001 (including)	10.15.7-security_update_2020-001 (including)
Mac_os_x	Apple	10.15.7-security_update_2020-005 (including)	10.15.7-security_update_2020-005 (including)
Mac_os_x	Apple	10.15.7-security_update_2020-007 (including)	10.15.7-security_update_2020-007 (including)
Mac_os_x	Apple	10.15.7-security_update_2021-001 (including)	10.15.7-security_update_2021-001 (including)
Mac_os_x	Apple	10.15.7-security_update_2021-002 (including)	10.15.7-security_update_2021-002 (including)
Mac_os_x	Apple	10.15.7-security_update_2021-003 (including)	10.15.7-security_update_2021-003 (including)
Mac_os_x	Apple	10.15.7-supplemental_update (including)	10.15.7-supplemental_update (including)
Macos	Apple	11.0 (including)	11.6 (excluding)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-30827
CWE	https://cwe.mitre.org/data/definitions/281.html

Improper Preservation of Permissions

Weakness

Affected Software

References