Trend Micro details CVE-2021-30724 privilege escalation flaw in macOS, iOS

Trend Micro disclosed technical details of a patched privilege escalation issue, tracked as CVE-2021-30724, that impacts macOS, iOS and iPadOS.

Trend Micro researchers disclosed technical details of a patched privilege escalation vulnerability, tracked as CVE-2021-30724, that impacts macOS, iOS, and iPadOS.

The flaw was reported to Apple by Trend Micro researcher Mickey Jin, and the IT giant addressed the issue on May 24 with the release of macOS 11.4, iOS 14.6, and iPadOS 14.6.

“We discovered a vulnerability in macOS rooted in the Core Virtual Machine Server (CVMServer). The vulnerability, labeled CVE-2021-30724, is triggered by an integer overflow leading to an out-of-bounds memory access, from which point privilege escalation can be attained.” reads the analysis published by Trend Micro. “It affects devices running older versions of macOS Big Sur 11.4, iOS 14.6, and iPadOS 14.6.”

The flaw exists in the Core Virtual Machine Server (CVMServer), an XPC service and system daemon that runs with root privileges to handle XPC requests. Apple's XPC framework provides a low-level communication mechanism between different processes: client processes send XPC request messages through an XPC-related API. The vulnerability resides in the XPC request message handler, and an attacker can trigger it using specially crafted requests.

Apple addressed the vulnerability by improving checks: it added a check to avoid the integer overflow.
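The bug class described above, as an added illustration that is not Apple's or Trend Micro's code: a bounds check on request fields that wraps in 32-bit arithmetic, beside a check that cannot wrap. The table, field names and sizes are hypothetical, since the page does not give CVMServer's message layout.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical server-side table indexed by client-supplied request fields. */
#define TABLE_ENTRIES 64u
static uint32_t table[TABLE_ENTRIES];

/* Flawed check: index + count is evaluated in 32 bits and can wrap around,
 * so a very large index with a small count yields a small sum and passes. */
bool range_ok_wrapping(uint32_t index, uint32_t count) {
    return index + count <= TABLE_ENTRIES;
}

/* Hardened check: compare by subtraction so no intermediate value can wrap. */
bool range_ok_checked(uint32_t index, uint32_t count) {
    return count <= TABLE_ENTRIES && index <= TABLE_ENTRIES - count;
}

/* Request handler using the hardened check.
 * Returns the number of entries copied, or -1 if the request is rejected. */
int handle_request(uint32_t index, uint32_t count,
                   uint32_t *out, size_t out_cap) {
    if (!range_ok_checked(index, count) || count > out_cap)
        return -1;
    memcpy(out, &table[index], (size_t)count * sizeof table[0]);
    return (int)count;
}

int main(void) {
    /* Constructed sample request: 0xFFFFFFF0 + 0x20 wraps to 0x10. */
    uint32_t index = 0xFFFFFFF0u, count = 0x20u;
    uint32_t out[TABLE_ENTRIES];

    printf("wrapping check accepts: %d\n", range_ok_wrapping(index, count));
    printf("hardened check accepts: %d\n", range_ok_checked(index, count));
    printf("handler result:         %d\n",
           handle_request(index, count, out, TABLE_ENTRIES));
    return 0;
}
```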

Trend Micro also released proof-of-concept (PoC) exploit code.

“The vulnerability is moderately difficult to trigger, but not impossible, as we had demonstrated here. If CVE-2021-30724 is left unpatched, an attacker can elevate his privileges by exploiting the vulnerability. Users should keep their devices up-to-date to receive the latest patches.” concludes Trend Micro.

Pierluigi Paganini

(SecurityAffairs – hacking, CVE-2021-30724)
