CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Mar 26, 2026

CVE-2021-30952

High

EPSS 1.5%CISA KEV

Apple/Multiple Products

Description

Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content that may lead to arbitrary code execution.

EPSS — Exploit Probability

1.5%

Higher than 81.2% of all CVEs

Required Action

https://support.apple.com/en-us/HT212975 ; https://support.apple.com/en-us/HT212976 ; https://support.apple.com/en-us/HT212978 ; https://support.apple.com/en-us/HT212980 ; https://support.apple.com/en-us/HT212982 ; https://nvd.nist.gov/vuln/detail/CVE-2021-30952

CVE-2021-30952

Description

EPSS — Exploit Probability

Required Action

Related Articles (4)

CISA warns feds to patch iOS flaws exploited in crypto-theft attacks

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

CISA Adds Five Known Exploited Vulnerabilities to Catalog

Apple patches older iPhones and iPads against Coruna exploits

Risk Assessment

Details

Timeline

Affected Product

External Links