CVE-2021-30719

7.1 HIGH

📋 TL;DR

This macOS vulnerability allows local users to read kernel memory or cause system crashes through an out-of-bounds read. It affects macOS systems prior to Big Sur 11.4 and Catalina Security Update 2021-003. Attackers with local access can exploit this to potentially access sensitive kernel data.

💻 Affected Systems

Products:
  • macOS
Versions: macOS Big Sur prior to 11.4, macOS Catalina prior to Security Update 2021-003
Operating Systems: macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected macOS versions are vulnerable. The vulnerability was in kernel code that has been removed in patches.

📦 What is this software?

macOS by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local privilege escalation leading to full system compromise, kernel memory disclosure exposing sensitive system information, or persistent denial of service through system crashes.

🟠 Likely Case

Local user causing system crashes or reading limited kernel memory, potentially leading to information disclosure about system state or processes.

🟢 If Mitigated

Minimal impact if systems are patched; unpatched systems with strict local access controls face reduced risk.

🌐 Internet-Facing: LOW - This is a local privilege vulnerability requiring local user access, not remotely exploitable.
🏢 Internal Only: MEDIUM - Internal users with local access could exploit this, but requires existing access to the system.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local user access and knowledge of the vulnerability. Apple has not disclosed technical details, making exploitation more difficult.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Big Sur 11.4 or macOS Catalina Security Update 2021-003

Vendor Advisory: https://support.apple.com/en-us/HT212529

Restart Required: Yes

Instructions:

1. Open System Preferences > Software Update.
2. Install macOS Big Sur 11.4 update or Security Update 2021-003 for Catalina.
3. Restart the system when prompted.

🔧 Temporary Workarounds

Restrict local user access

Limit local user accounts to trusted personnel only and implement strict access controls.

🧯 If You Can't Patch

  • Implement strict local access controls and limit user privileges
  • Monitor for unusual system crashes or kernel-related errors

🔍 How to Verify

Check if Vulnerable:

Check the macOS version: if the system is running macOS Big Sur earlier than 11.4, or macOS Catalina without Security Update 2021-003, it is vulnerable.

Check Version:

sw_vers

Verify Fix Applied:

Verify macOS version is 11.4 or higher for Big Sur, or check that Security Update 2021-003 is installed for Catalina.
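
The version check above as a small shell function (an added example, not from Apple or the original page). The function name `classify_macos` and its result words are hypothetical; the sample versions are constructed, and on a Mac the input comes from `sw_vers -productVersion`.

```shell
#!/bin/sh
# Added example: classify a macOS ProductVersion string against the fixed
# releases named on this page (Big Sur 11.4, Catalina Security Update 2021-003).
# classify_macos and its result words are hypothetical names for illustration.
classify_macos() {
    ver=$1
    # Reject empty input and anything that is not dot-separated digits.
    case $ver in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return 0 ;;
    esac
    major=${ver%%.*}
    rest=${ver#*.}
    # A bare major such as "11" has no minor component; treat it as .0.
    if [ "$rest" = "$ver" ]; then minor=0; else minor=${rest%%.*}; fi

    if [ "$major" -eq 11 ]; then
        # Big Sur: fixed in 11.4 and later.
        if [ "$minor" -ge 4 ]; then echo patched; else echo vulnerable; fi
    elif [ "$major" -eq 10 ] && [ "$minor" -eq 15 ]; then
        # Catalina: the fix ships as Security Update 2021-003, which the
        # version number alone does not reveal.
        echo check-security-update
    else
        # Releases the page does not list as affected.
        echo not-listed
    fi
}

# Constructed sample versions, so the logic can be exercised on any host.
for sample in 11.3.1 11.4 11.6.8 10.15.7 12.0.1 11 "11.x"; do
    printf '%-8s %s\n' "$sample" "$(classify_macos "$sample")"
done

# On a Mac, classify the running system.
if command -v sw_vers >/dev/null 2>&1; then
    classify_macos "$(sw_vers -productVersion)"
fi
```

A `check-security-update` result means the host is on Catalina and the installed-updates list has to be checked for Security Update 2021-003 before the host can be treated as fixed.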

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Unexpected system restarts
  • Kernel memory access errors in system logs

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

Search for kernel panic events or unexpected system restarts in macOS logs
