Description
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
References
https://support.apple.com/en-us/HT212601
Vendor Advisory
https://support.apple.com/en-us/HT212604
Vendor Advisory
https://support.apple.com/en-us/HT212605
Vendor Advisory
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
5.5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-09-08T14:15:10.560
3 years agoLast modified
2021-09-15T18:25:10.677
3 years ago