Skip to main content

CVE-2021-31010

7.5
HIGHCVSS v3.1 Base Score
0.72%
LOW RiskEPSS (73rd percentile)
CWE-502

A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that this issue may have been actively exploited at the time of release..

Published: 8/24/2021
Modified: 10/23/2025
Back to CVE Lookup

Vulnerability Summary

CVSS v3 Score

7.5HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2 Score

5

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS Score (Exploitation Probability)

0.72%LOW Exploitation Risk
73rd percentile

This vulnerability has a 0.72% probability of being exploited in the next 30 days, ranking higher than 73% of all scored CVEs.

CWE Classification

CWE-502

Learn More

CVSS Calculator

View this score breakdown or calculate a custom score

Understanding CVSS Scoring

Learn how severity scores are calculated and what they mean

CVE Prioritization Guide

Best practices for deciding which vulnerabilities to address first

What is a CVE?

Essential guide to Common Vulnerabilities and Exposures

CVE vs CWE Explained

Understand how CVEs relate to underlying weakness types