NVD disclosure day
CVE-2021-1879
Halo Surface Signal: 3 out of 5 — possibly public-facing.
A vulnerability in Apple's operating systems could permit cross-site scripting when processing malicious web content. This may affect organizations using these systems, leading to unauthorized actions or data exposure. Active exploitation has been reported, posing a business risk.
CVE-2021-1871
Halo Surface Signal: 3 out of 5 — possibly public-facing.
A logic issue in WebKit, used for rendering web content, could allow a remote attacker to execute arbitrary code. Apple is aware of reports that this issue may have been actively exploited. This affects organizations using vulnerable Apple operating systems and any non-Apple products relying on WebKit. The business ris
CVE-2021-1870
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A logic issue in Apple software and WebKit allows for arbitrary code execution, posing a risk to affected organizations by potentially compromising data and operations. Attackers can exploit this vulnerability remotely, impacting systems that process web content. Organizations should apply vendor updates to mitigate th
CVE-2021-1789
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in web content processing could allow for arbitrary code execution on affected Apple operating systems. This poses a risk to organizations by potentially compromising systems and data. The U.S. CISA has identified this vulnerability as actively exploited, increasing the business risk.
CVE-2021-1782
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A race condition in Apple operating systems could allow a malicious application to gain elevated privileges, impacting affected devices. This vulnerability may have been actively exploited, presenting a risk of unauthorized system access and data compromise. Prompt application of vendor updates is advised.