CVE-2021-30805 Vulnerability Analysis & Exploit Details

CVE-2021-30805 Vulnerability Summary

CVE-2021-30805: A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.

Exploit Prediction Scoring System (EPSS)

The EPSS score estimates the probability that this vulnerability will be exploited in the near future.

EPSS Score: 0.643% (probability of exploit)

EPSS Percentile: 79.59% (lower percentile = lower relative risk)
This vulnerability is less risky than approximately 20.409999999999997% of others.

CVE-2021-30805 References

External References

• https://support.apple.com/en-us/HT212600
• https://support.apple.com/en-us/HT212602
• https://support.apple.com/en-us/HT212603
• https://support.apple.com/en-us/HT212600
• https://support.apple.com/en-us/HT212602
• https://support.apple.com/en-us/HT212603

CWE Common Weakness Enumeration

Vulnerable Configurations

• cpe:2.3:o:apple:mac_os_x:10.14:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.0:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.0:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.1:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.2:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.2:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.3:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.3:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.4:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.4:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.4:beta4:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.4:beta4:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.1:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.2:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.2:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.3:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.3:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.4:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.4:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.5:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.5:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.6:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.6:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.6:-:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.6:-:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.6:supplemental_update:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.6:supplemental_update:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*
• cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*
  cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*
• cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:11.0:*:*:*:*:*:*:*
• cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:macos:11.1.0:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:11.1.0:*:*:*:*:*:*:*
• cpe:2.3:o:apple:macos:11.2:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:11.2:*:*:*:*:*:*:*
• cpe:2.3:o:apple:macos:11.2.1:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:11.2.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:macos:11.3:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:11.3:*:*:*:*:*:*:*
• cpe:2.3:o:apple:macos:11.3.1:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:11.3.1:*:*:*:*:*:*:*
• cpe:2.3:o:apple:macos:11.4:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:11.4:*:*:*:*:*:*:*

Other 5 Recently Published CVEs Vulnerabilities

• CVE-2025-5074 – A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component PROMPT C...
• CVE-2025-5073 – A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. This issue affects some unknown processing of the co...
• CVE-2025-41403 – Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection while fetching service account audit data.
• CVE-2025-3836 – Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report.
• CVE-2025-3444 – Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus versions below 14920 are vulnerable to authenticated Local File Inclusion (LFI) i...