CVE-2021-30900 — Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability

2023-03-30 • CISA Known Exploited Vulnerability

[event] Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.

> AFFECTED SOFTWARE

Field	Value
Vendor	Apple
Product	iOS, iPadOS, and macOS
CWE	CWE-20, CWE-787
CVE ID	CVE-2021-30900
Date Added	2023-03-30
Due Date	2023-04-20
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2023-04-20

> REFERENCES

[1] https://support.apple.com/en-us/HT21286,
[2] https://support.apple.com/en-us/HT212868,
[3] https://support.apple.com/kb/HT212872
[4] https://nvd.nist.gov/vuln/detail/CVE-2021-30900