CVE-2021-1870 — Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability
2021-11-03 • CISA Known Exploited Vulnerability
[event] Apple iOS, iPadOS, and macOS WebKit contain an unspecified logic vulnerability that allows a remote attacker to execute code. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Apple |
| Product | iOS, iPadOS, and macOS |
| CWE | CWE-1173 |
| CVE ID | CVE-2021-1870 |
| Date Added | 2021-11-03 |
| Due Date | 2021-11-17 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2021-11-17