CVE-2021-30721: 
macOS vulnerability analysis and mitigation

A path handling issue vulnerability (CVE-2021-30721) was discovered in Apple macOS's SMB server component. The vulnerability was discovered by Aleksandar Nikolic of Cisco Talos and was fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, and Security Update 2021-004 Mojave, released on May 24, 2021. The vulnerability affects macOS systems running versions prior to these updates (Apple Advisory, Cisco Talos).

The vulnerability exists in the SMB Server's directory query handling mechanism. When processing QUERYDIRECTORY requests in SMB2 and newer protocol versions, the server improperly validates input strings that contain UNIX paths beginning with '/'. This path handling issue allows authenticated users to bypass intended directory restrictions and access files outside the shared directory scope ([Cisco Talos](https://www.talosintelligence.com/vulnerabilityreports/TALOS-2021-1269)). The vulnerability has been assigned a CVSS v3.1 base score of 6.5 MEDIUM (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) (NVD).

An attacker in a privileged network position can exploit this vulnerability to leak sensitive user information from the affected system. The vulnerability allows unauthorized access to file metadata, including access timestamps, sizes, and other information about files that should be restricted (Apple Advisory, Cisco Talos).

Apple has addressed this vulnerability by improving path validation in the SMB server component. Users should update to macOS Big Sur 11.4, Security Update 2021-003 Catalina, or Security Update 2021-004 Mojave to protect against this vulnerability (Apple Advisory).