Apple has fixed a zero-day vulnerability in macOS Big Sur and iOS versions that is under active attack.
An attacker could exploit this serious flaw and take control of affected devices.
macOS Big Sur
Apple has released macOS Big Sur 11.5.1 that addresses an IOMobileFrameBuffer vulnerability CVE-2021-30807.
As a result, a malicious application could execute arbitrary code with kernel privileges.
“Apple is aware of a report that this issue may have been actively exploited,” Apple warned in the advisory.
iOS and iPad
Similarly, Apple also addressed the same issue CVE-2021-30807 as part of new security updates for iOS 14.7.1 and iPad 14.7.1.
Apple has confirmed this vulnerability has also been actively exploited.
The updates follow nearly a week after Apple released security updates for multiple Apple products to include macOS Big Sur 11.5 and iOS 14.7.
- Apple security updates for iOS 14.7, macOS Big Sur 11.5 and other products
- Apple fixes Boot Camp vulnerability (CVE-2021-30675)
- Apple fixes vulnerabilities under active exploit (CVE-2021-30663 and CVE-2021-30665)
- XCSSET malware now targets Apple’s macOS 11 and M1-based Macs
- Apple iOS 14.4.2 security update fixes zero-day vulnerability exploited in the wild