header-logo
Suggest Exploit
vendor:
OS X and iOS
by:
Google Security Research
5.5
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: OS X and iOS
Affected Version From: OS X and iOS versions prior to the patched versions
Affected Version To: Latest patched versions
Patch Exists: YES
Related CWE: CVE-2021-30747
CPE: o:apple:mac_os_x, cpe:/o:apple:ios
Metasploit:
Other Scripts:
Platforms Tested:
2021

Apple OS X and iOS Panic Log Information Disclosure Vulnerability

This vulnerability allows an attacker to access sensitive information from the panic log of Apple OS X and iOS. By exploiting this vulnerability, an attacker can gain insights into the system's state and potentially discover sensitive information such as passwords, cryptographic keys, or other confidential data.

Mitigation:

To mitigate this vulnerability, Apple has released security advisories for OS X and iOS. Users are advised to update their systems to the latest versions to prevent potential information disclosure.
Source

Exploit-DB raw data:

Source: https://code.google.com/p/google-security-research/issues/detail?id=604

Panic log attached

OS X advisory: https://support.apple.com/en-us/HT205731
iOS advisory: https://support.apple.com/en-us/HT205732


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39363.zip