Apple Patches Critical Zero-Day Vulnerability Actively Exploited in the wild


    Along with the fix to various security flaws in its recent release of updates, Apple has also fixed a wildly exploited Zero-Day vulnerability in macOS. The vulnerability is tracked as CVE-2021-30713. It allows attackers to bypass Privacy preferences and gain additional permissions. This flaw is being exploited actively by XCSSET malware and can result in the exfiltration of sensitive data such as cryptocurrency addresses, credentials, and payment card information from Apple Store to the attacker's server.

    CVEs assigned:

    Affected Software:
    macOS Big Sur before 11.4

    To address this vulnerability, the Apple has released patch for macOS. For more information, please refer to our blog:
    Use SanerNow platform to apply this critical patch quickly across the organization as shown below.


    Vulnerability detection and patching of Apple macOS:
    1. Login to SanerNow platform
    2. Switch to the account/site specific view and Go to 'VM tool.'
    3. If your Application (macOS) is vulnerable, Saner lists the above CVE in 'Top Vulnerabilities or 'Recently Discovered Vulnerabilities' as shown in the below diagram:

    4. Search for this vulnerability in VM tool. If you are affected, apply the patch through PM -> Missing Patches.
    5. Select 'Groups/Devices' in the 'Asset Source' section and click 'Apply'.
    6. Select the product 'Apple Mac OS 11' from the 'Asset' section as shown in the below image:

    7. Select ‘Apply Selected Patches’ at the rightmost corner. This will prompt for ‘Creating Patch Task’. Fill in ‘Task Name’ and ‘Remediation Schedule' as per your preference and click on ‘Apply Selected Patches' as shown below:

    8. Remediation job will be created, which will fix the vulnerability by upgrading Apple Mac OS to the latest patch version.
    9. Once remediation is done, the Saner agent automatically scans again and uploads the result to SanerNow as shown below.


    Was this article helpful?
    0 out of 0 found this helpful