CVE-2021-1846

Processing a maliciously crafted audio file may disclose restricted memory. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An out-of-bounds read was addressed with improved input validation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
appleipados
𝑥
< 14.5
appleiphone_os
𝑥
< 14.5
applemac_os_x
10.15
applemac_os_x
10.15.1
applemac_os_x
10.15.2
applemac_os_x
10.15.3
applemac_os_x
10.15.4
applemac_os_x
10.15.5
applemac_os_x
10.15.6
applemac_os_x
10.15.6
applemac_os_x
10.15.6:supplemental_update
applemac_os_x
10.15.7
applemac_os_x
10.15.7
applemac_os_x
10.15.7:security_update_2020
applemac_os_x
10.15.7:security_update_2020-001
applemac_os_x
10.15.7:security_update_2020-005
applemac_os_x
10.15.7:security_update_2020-007
applemac_os_x
10.15.7:security_update_2021-001
applemacos
11.0 ≤
𝑥
< 11.3
appletvos
𝑥
< 14.5
applewatchos
𝑥
< 7.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/HT212317
https://support.apple.com/en-us/HT212323
https://support.apple.com/en-us/HT212324
https://support.apple.com/en-us/HT212325
https://support.apple.com/en-us/HT212326
https://support.apple.com/en-us/HT212317
https://support.apple.com/en-us/HT212323
https://support.apple.com/en-us/HT212324
https://support.apple.com/en-us/HT212325
https://support.apple.com/en-us/HT212326