CVE-2021-1810: 
macOS vulnerability analysis and mitigation

A logic issue in macOS that allowed malicious applications to bypass Gatekeeper checks was identified as CVE-2021-1810. The vulnerability was discovered by Rasmus Sten of F-Secure and affected macOS Big Sur and macOS Catalina operating systems. The issue was fixed in macOS Big Sur 11.3 and Security Update 2021-002 Catalina, released on April 26, 2021 (Apple Support, Apple Support Catalina).

The vulnerability was caused by a logic issue in the Archive Utility component of macOS that was addressed with improved state management. The issue received a CVSS v3.1 Base Score of 5.5 (MEDIUM) with a vector of CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N, indicating local access required, low attack complexity, no privileges required, and user interaction needed (NVD).

When exploited, this vulnerability allowed malicious applications to bypass Gatekeeper security checks, which are designed to prevent unauthorized applications from running on macOS systems. This could potentially allow unauthorized code execution and compromise system security (Apple Support).

Apple addressed this vulnerability by releasing security updates for affected systems. Users should update to macOS Big Sur 11.3 or install Security Update 2021-002 Catalina to protect against this vulnerability. The fix implemented improved state management in the Archive Utility component (Apple Support, Apple Support Catalina).