CVE-2021-1799: 
NixOS vulnerability analysis and mitigation

A port redirection vulnerability (CVE-2021-1799) was discovered affecting multiple Apple operating systems and Safari browser. The vulnerability was disclosed and patched in January 2021, affecting macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, and Safari 14.0.3. The issue was related to WebRTC functionality that could allow malicious websites to access restricted ports on arbitrary servers (Apple Support).

The vulnerability was identified as a port redirection issue in the WebRTC component. The security flaw was addressed by implementing additional port validation mechanisms. The vulnerability has a CVSS v3.1 Base Score of 6.5 (MEDIUM) with a vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N, indicating it is network exploitable, requires low attack complexity, and no privileges, but does require user interaction (NVD).

When exploited, this vulnerability could allow a malicious website to access restricted ports on arbitrary servers, potentially leading to unauthorized access to internal network resources or services. The vulnerability affects multiple Apple platforms and could be exploited through Safari browser interactions (Apple Support, Gentoo Security).

Apple addressed this vulnerability by releasing security updates across multiple platforms. Users should update to macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, or Safari 14.0.3 depending on their device. For WebKitGTK users, updating to version 2.30.6 or later is recommended (Gentoo Security).