Please share the following information with your teams.
Information Security has noticed a zero-day vulnerability (CVE-2021-30806) for Apple iPhones, iPad, Apple watch and Mac OS exploited in the wild. The vulnerability allows a remote attacker to execute arbitrary code on the target system.
CVSS Score: (High) 8.4
The vulnerability exists due to integer overflow when processing PDF files within the CoreGraphics component. A remote attacker can trick the victim to open a specially crafted PDF file, trigger integer overflow and execute arbitrary code on the target system.
All iPhones with iOS versions prior to 14.8, All Mac computers with operating system versions prior to OSX Big Sur 11.6, Security Update 2021-005 Catalina, and all Apple Watches prior to watchOS 7.6.2
An attacker could exploit these vulnerability to take control of an affected device.
Apple released security updates.
UIT Client Services at email@example.com or 416 736 5800