{"vulnerability": "CVE-2021-1782", "sightings": [{"uuid": "92e421fd-2c29-4000-9522-fac46e98549e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "589eab34-b4b2-4f49-b86f-bb828fb8c33a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:17.000000Z"}, {"uuid": "ac0ff8e5-e72c-49b9-9718-ff31578cb197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971139", "content": "", "creation_timestamp": "2024-12-24T20:24:49.456925Z"}, {"uuid": "c588a1ed-fb1f-43fa-aca0-f80abad5ff68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-1782", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/78530407-56d0-47a6-aa0e-30eb263688ba", "content": "", "creation_timestamp": "2026-02-02T12:28:37.128436Z"}, {"uuid": "6216f9f3-8941-4195-8aff-ee3bf411bc2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:51.000000Z"}, {"uuid": "fd61bed5-759d-4d47-abd6-2cb52bdd4c12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-1782", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=543", "content": "", "creation_timestamp": "2021-01-27T04:00:00.000000Z"}, {"uuid": "712362ac-ceac-42fe-8178-f334ab7ace9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "exploited", "source": "Telegram/uXNSufdrEmM7o14q4Rz7J6PjMjMOzTBuICNU0Exja-ioUhk-", "content": "", "creation_timestamp": "2025-02-06T02:39:12.000000Z"}, {"uuid": "1d2dcd3d-f49b-42c2-9440-064e4215ad03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "published-proof-of-concept", "source": "https://t.me/cKure/4137", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2021-1782: Hackers release a new jailbreak tool for almost every iPhone.\n\nhttps://techcrunch.com/2021/03/01/hackers-unc0ver-jailbreak-iphone/", "creation_timestamp": "2021-03-02T06:07:59.000000Z"}, {"uuid": "839694b4-484e-498c-a606-0e7474b06035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "seen", "source": "https://t.me/ctinow/50296", "content": "CVE-2021-1782, an iOS in-the-wild vulnerability in vouchers\n\nhttps://ift.tt/tgksRDx", "creation_timestamp": "2022-04-14T18:06:42.000000Z"}, {"uuid": "01388115-265d-40e5-a087-e599a6cc33bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "exploited", "source": "https://t.me/alexmakus/3855", "content": "iOS 14.4 and iPadOS 14.4\nReleased January 26, 2021\nKernel\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\nImpact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.\nDescription: A race condition was addressed with improved locking.\nCVE-2021-1782: an anonymous researcher\n\nApple is aware of a report that this issue may have been actively exploited.\n\n\nthis issue may have been actively exploited.\n\nhttps://support.apple.com/en-us/HT212146", "creation_timestamp": "2021-01-26T19:50:53.000000Z"}, {"uuid": "3f2ea72f-1ea9-448f-981a-154b740b5079", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "exploited", "source": "Telegram/FnK_tjcv4bvpPL4uo0YM-eTcNi7nXwbzPuFwoqnErA6Q0SDV", "content": "", "creation_timestamp": "2025-03-02T11:45:36.000000Z"}, {"uuid": "61c7b9d8-c89b-4af3-9c59-77336e1387d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "exploited", "source": "https://t.me/androidMalware/1510", "content": "CVE-2021-1782, an iOS in-the-wild vulnerability in vouchers\n\nhttps://googleprojectzero.blogspot.com/2022/04/cve-2021-1782-ios-in-wild-vulnerability.html", "creation_timestamp": "2022-04-14T17:29:43.000000Z"}, {"uuid": "c899a881-2045-4819-b9ff-bcb68a1b0419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "exploited", "source": "https://t.me/androidMalware/1514", "content": "A Year in Review of 0-days Used In-the-Wild in 2021 by Google\nIn 2021 there were 7 #Android in-the-wild 0-days detected and disclosed:\n - Qualcomm Adreno GPU driver (CVE-2020-11261, CVE-2021-1905, CVE-2021-1906)\n - ARM Mali GPU driver (CVE-2021-28663, CVE-2021-28664)\n - Upstream Linux kernel (CVE-2021-1048, CVE-2021-0920)\n\nFor the 5 total #iOS and macOS in-the-wild 0-days, they targeted 3 different attack surfaces:\n - IOMobileFrameBuffer (CVE-2021-30807, CVE-2021-30883)\n - XNU Kernel (CVE-2021-1782 & CVE-2021-30869)\n - CoreGraphics (CVE-2021-30860)\n - CommCenter (FORCEDENTRY sandbox escape - CVE requested, not yet assigned)\nhttps://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html", "creation_timestamp": "2022-04-27T11:03:23.000000Z"}, {"uuid": "412def0e-aeaf-4938-9639-d312ddb630af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "exploited", "source": "https://t.me/thebugbountyhunter/6166", "content": "CVE-2021-1782, an iOS in-the-wild vulnerability in vouchers\n\nhttps://googleprojectzero.blogspot.com/2022/04/cve-2021-1782-ios-in-wild-vulnerability.html", "creation_timestamp": "2022-04-14T20:31:25.000000Z"}, {"uuid": "d12a245c-82ba-42e9-9ce8-b8286b4b4dc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1940", "content": "#exploit\n+ CVE-2022-28345:\nSignal client for iOS < 5.33.2 are vulnerable to RTLO Injection URI Spoofing using malicious URLs\nhttps://sick.codes/sick-2022-42\n\n+ CVE-2021-1782:\nan iOS in-the-wild vulnerability in vouchers\nhttps://googleprojectzero.blogspot.com/2022/04/cve-2021-1782-ios-in-wild-vulnerability.html\n\n@BlueRedTeam", "creation_timestamp": "2022-04-15T22:53:32.000000Z"}, {"uuid": "f253d78e-dee0-4f29-8cbd-534543fc0703", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2807", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 22-28)\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-21972 - VMware vCenter RCE\nhttps://swarm.ptsecurity.com/unauth-rce-vmware/#more-2477\nhttps://github.com/QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC\nhttps://github.com/NS-Sp4ce/CVE-2021-21972\nhttps://github.com/yaunsky/CVE-2021-21972\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-3177 - Python3 Buffer Overflow\nhttps://t.me/cybersecuritytechnologies/2740\nCVE-2021-21973 - VMware vCenter SSRF\nhttps://mobile.twitter.com/osama_hroot/status/1365586206982082560/photo/1\nCVE-2017-0005 - Windows GDI EoP\nhttps://t.me/cybersecuritytechnologies/443\nCVE-2021-24093 - Win Graph. Component RCE\nhttps://t.me/cybersecuritytechnologies/2806\nCVE-2021-25281/25282 - SaltStack Exploit\nhttps://github.com/Immersive-Labs-Sec/CVE-2021-25281\nCVE-2018-19518 - PHP IMAP Vuln.\nhttps://t.me/cybersecuritytechnologies/1649", "creation_timestamp": "2021-03-01T11:00:27.000000Z"}, {"uuid": "0cdd08a1-d6c6-4528-b1d1-ba5aef8e5429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2815", "content": "#Analytics\nTop 10 Most Used Vulnerabilities of the Month (feb 1-28)\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-21972 - VMware vCenter RCE\nhttps://swarm.ptsecurity.com/unauth-rce-vmware/#more-2477\nhttps://github.com/QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC\nhttps://github.com/NS-Sp4ce/CVE-2021-21972\nhttps://github.com/yaunsky/CVE-2021-21972\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-25646 - Apache Druid <=0.20.1 RCE\nhttps://t.me/cybersecuritytechnologies/2639\nCVE-2020-27932 - A type confusion in MacOS 10.15.7\nhttps://t.me/cybersecuritytechnologies/2383\nCVE-2021-24074, CVE-2021-24094, CVE-2021-24086 - Windows IPv4/IPv6 Stack RCE/DoS Vulnerabilities\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday", "creation_timestamp": "2021-03-03T05:37:03.000000Z"}, {"uuid": "6ab097a0-8d06-46f9-955a-53463a971bcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2694", "content": "#Threat_Research\nAnalysis and exploitation of the iOS\\iPadOS 14.3 kernel LPE vulnerability (PoC for CVE-2021-1782)\nhttps://github.com/ModernPwner/cicuta_virosa", "creation_timestamp": "2021-02-15T06:56:29.000000Z"}, {"uuid": "944e1bed-2148-4e84-b894-f6241937c873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5812", "content": "#exploit\n1. CVE-2022-28345:\nSignal client for iOS < 5.33.2 are vulnerable to RTLO Injection URI Spoofing using malicious URLs\nhttps://sick.codes/sick-2022-42\n\n2. CVE-2021-1782:\nan iOS in-the-wild vulnerability in vouchers\nhttps://googleprojectzero.blogspot.com/2022/04/cve-2021-1782-ios-in-wild-vulnerability.html", "creation_timestamp": "2022-04-15T23:44:05.000000Z"}, {"uuid": "75c7716c-e2ea-44ce-ab00-072090f14ee3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-1782", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2708", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 8-14)\nCVE-2020-1472 - Microsoft Zerologon\nhttps://t.me/cybersecuritytechnologies/1742\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT in targeted attack\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2020-2037 - Palo Alto PAN-OS vulnerability\nhttps://t.me/cybersecuritytechnologies/2687\nCVE-2021-24074, CVE-2021-24086, CVE-2021-24094 - Windows IPv4/IPv6 Stack RCE/DoS Vulnerabilities\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE vulnerability\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-21017 - Acrobat Reader DC\u00a0a heap-based buffer overflow vulnerability\nhttps://threatpost.com/critical-adobe-windows-flaw/163789\nCVE-2020-24581 - D-Link DSL-2888A AU_2.31_V1x - RCE\nhttps://t.me/cybersecuritytechnologies/2670", "creation_timestamp": "2021-02-15T11:00:19.000000Z"}]}