CVE-2021-1852
Description
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A local user may be able to read kernel memory.
CvssV3 impact
BaseSeverity | MEDIUM |
ConfidentialityImpact | HIGH |
AttackComplexity | LOW |
Scope | UNCHANGED |
AttackVector | LOCAL |
AvailabilityImpact | NONE |
IntegrityImpact | NONE |
PrivilegesRequired | LOW |
BaseScore | 5.5 |
VectorString | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Version | 3.1 |
UserInteraction | NONE |
CvssV2 impact
AccessComplexity | LOW |
ConfidentialityImpact | COMPLETE |
AvailabilityImpact | NONE |
IntegrityImpact | NONE |
BaseScore | 4.9 |
VectorString | AV:L/AC:L/Au:N/C:C/I:N/A:N |
Version | 2.0 |
AccessVector | LOCAL |
Authentication | NONE |