CISA has added CVE-2021-30952 to the Known Exploited Vulnerabilities (KEV) catalogue. The vulnerability affects multiple Apple products (tvOS, macOS, Safari, iPadOS and watchOS) and is an integer overflow or wraparound in the processing of malicious web content that may lead to arbitrary code execution.
The vulnerability is an integer overflow or wraparound triggered when the affected Apple software handles web content. It can enable arbitrary code execution on a vulnerable device when the user processes malicious web content through Safari or another component listed as affected. The CVSS v3.1 base score is 8.8 (HIGH). Patch status is unknown, and no patch or advisory URL is available at present.
Active exploitation has been confirmed, consistent with KEV’s purpose of tracking vulnerabilities exploited in the wild. No use of this CVE in ransomware campaigns is known. The remediation due date is 26 March 2026.
CISA’s required remediation action is to apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. FCEB agencies are directly affected by this requirement, and all organisations are advised to review their exposure.
For full details, see the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2021-30952 and the CISA KEV catalogue.