CVE-2021-30658: 
macOS vulnerability analysis and mitigation

CVE-2021-30658 is a security vulnerability discovered in macOS Big Sur that affects the Installer component. The vulnerability was disclosed and patched by Apple in macOS Big Sur 11.3, released on April 26, 2021. The issue allows a malicious application to bypass Gatekeeper checks, which is a critical security feature in macOS designed to protect users from malicious software (Apple Support).

The vulnerability stems from an issue in handling file metadata in the macOS Installer component. The security flaw was addressed by Apple through improved handling of file metadata. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N, indicating that it requires local access and user interaction to exploit (NVD).

The primary impact of this vulnerability is the potential bypass of Gatekeeper security checks. Gatekeeper is a security feature in macOS that verifies applications before allowing them to run, ensuring they are from identified developers and have not been tampered with. A successful exploit could allow malicious applications to evade these security controls (SecurityWeek).

Apple addressed this vulnerability in macOS Big Sur 11.3. Users should update their systems to this version or later to protect against this security issue. The fix involves improved handling of file metadata in the Installer component (Apple Support).