Back to KEVs

CVE-2021-30657

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A...

Basic Information

CVE State
PUBLISHED
Reserved Date
April 13, 2021
Published Date
September 08, 2021
Last Updated
January 29, 2025
Vendor
Apple
Product
macOS
Description
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited..

CVSS Scores

SSVC Information

Exploitation
active
Technical Impact
partial

Exploit Status

Exploited in the Wild
Yes (added 2021-11-03 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2021-11-07 18:33:35 UTC) Source

References

https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC

Scanner Integrations

Scanner URL Date Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/browser/osx_gatekeeper_bypass.rb 2025-04-29 11:01:26 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

shubham0d/CVE-2021-30657

Type: github • Created: 2021-11-07 18:33:35 UTC • Stars: 31

A sample POC for CVE-2021-30657 affecting MacOS