CVE-2021-30760: 
macOS vulnerability analysis and mitigation

CVE-2021-30760 is a security vulnerability discovered in Apple's FontParser component that was fixed in July 2021. The vulnerability affects multiple Apple operating systems including iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, and Security Updates for macOS Mojave and Catalina. The issue was identified as an integer overflow vulnerability that could be exploited through processing maliciously crafted font files (Apple Support, NVD).

The vulnerability is classified as an integer overflow issue in the FontParser component that was addressed through improved input validation. It has a CVSS v3.1 Base Score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability was discovered by Sunglin of Knownsec 404 team (NVD).

When exploited, the vulnerability could allow processing of a maliciously crafted font file to lead to arbitrary code execution on the affected system. This means an attacker could potentially execute malicious code with the privileges of the target application (Apple Support).

Apple addressed this vulnerability by releasing security updates across multiple platforms: iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, and Security Update 2021-004 Catalina. Users are advised to update their systems to these versions or later to protect against this vulnerability (Apple Support).