CVE-2021-1805: 
macOS vulnerability analysis and mitigation

CVE-2021-1805 is a security vulnerability in the Intel Graphics Driver component of Apple's macOS operating systems. The vulnerability was discovered by ABC Research s.r.o. working with Trend Micro Zero Day Initiative and was patched in February 2021. The affected systems include macOS Big Sur 11.2, macOS Catalina 10.15.7, and macOS Mojave versions (Apple Advisory).

The vulnerability is classified as an out-of-bounds write issue in the Intel Graphics Driver component. It received a CVSS v3.1 base score of 7.8 (HIGH) with vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, and a CVSS v2.0 base score of 9.3 (HIGH) with vector (AV:N/AC:M/Au:N/C:C/I:C/A:C). The vulnerability was addressed by implementing improved input validation in the affected systems (NVD).

The vulnerability allows an application to execute arbitrary code with kernel privileges, which represents a significant security risk as it could lead to complete system compromise. The high CVSS scores reflect the severity of potential impacts, including the possibility of unauthorized code execution at the kernel level (Apple Advisory, Rapid7).

Apple has released security updates to address this vulnerability: macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002. Users are advised to update their systems to these versions to mitigate the risk (Apple Advisory).