About the security content of watchOS 8
This document describes the security content of watchOS 8.
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
Apple security documents reference vulnerabilities by CVE-ID when possible.
For more information about security, see the Apple Product Security page.
watchOS 8
Accessory Manager
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory consumption issue was addressed with improved memory handling.
CVE-2021-30837: Siddharth Aeri (@b1n4r1b01)
AppleMobileFileIntegrity
Available for: Apple Watch Series 3 and later
Impact: A local attacker may be able to read sensitive information
Description: This issue was addressed with improved checks.
CVE-2021-30811: an anonymous researcher working with Compartir
bootp
Available for: Apple Watch Series 3 and later
Impact: A device may be passively tracked by its WiFi MAC address
Description: A user privacy issue was addressed by removing the broadcast MAC address.
CVE-2021-30866: Fabien Duchêne of UCLouvain (Belgium)
CoreAudio
Available for: Apple Watch Series 3 and later
Impact: Processing a malicious audio file may result in unexpected application termination or arbitrary code execution
Description: A logic issue was addressed with improved state management.
CVE-2021-30834: JunDong Xie of Ant Security Light-Year Lab
CoreGraphics
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.
CVE-2021-30928: Mickey Jin (@patch1t) of Trend Micro
FaceTime
Available for: Apple Watch Series 3 and later
Impact: An application with microphone permission may unexpectedly access microphone input during a FaceTime call
Description: A logic issue was addressed with improved validation.
CVE-2021-30882: Adam Bellard and Spencer Reitman of Airtime
FontParser
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2021-30831: Xingwei Lin of Ant Security Light-Year Lab
FontParser
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30840: Xingwei Lin of Ant Security Light-Year Lab
FontParser
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30841: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-30842: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-30843: Xingwei Lin of Ant Security Light-Year Lab
Foundation
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A type confusion issue was addressed with improved memory handling.
CVE-2021-30852: Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab
ImageIO
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.
CVE-2021-30814: hjy79425575
ImageIO
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30835: Ye Zhang of Baidu Security
CVE-2021-30847: Mike Zhang of Pangu Lab
Kernel
Available for: Apple Watch Series 3 and later
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2021-30857: Manish Bhatt of Red Team X @Meta, Zweig of Kunlun Lab
libexpat
Available for: Apple Watch Series 3 and later
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed by updating expat to version 2.4.1.
CVE-2013-0340: an anonymous researcher
Preferences
Available for: Apple Watch Series 3 and later
Impact: An application may be able to access restricted files
Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.
CVE-2021-30855: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)
Preferences
Available for: Apple Watch Series 3 and later
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: A logic issue was addressed with improved state management.
CVE-2021-30854: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)
Sandbox
Available for: Apple Watch Series 3 and later
Impact: A malicious application may be able to bypass Privacy preferences
Description: The issue was addressed with improved permissions logic.
CVE-2021-30925: Csaba Fitzl (@theevilbit) of Offensive Security
Sandbox
Available for: Apple Watch Series 3 and later
Impact: A malicious application may be able to modify protected parts of the file system
Description: This issue was addressed with improved checks.
CVE-2021-30808: Csaba Fitzl (@theevilbit) of Offensive Security
WebKit
Available for: Apple Watch Series 3 and later
Impact: Visiting a maliciously crafted website may reveal a user's browsing history
Description: The issue was resolved with additional restrictions on CSS compositing.
CVE-2021-30884: an anonymous researcher
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A type confusion issue was addressed with improved state handling.
CVE-2021-30818: Amar Menezes (@amarekano) of Zon8Research
WebKit
Available for: Apple Watch Series 3 and later
Impact: An attacker in a privileged network position may be able to bypass HSTS
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30823: David Gullasch of Recurity Labs
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted audio file may disclose restricted memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2021-30836: Peter Nguyen Vu Hoang of STAR Labs
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A use after free issue was addressed with improved memory management.
CVE-2021-30809: an anonymous researcher
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30846: Sergei Glazunov of Google Project Zero
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2021-30849: Sergei Glazunov of Google Project Zero
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to code execution
Description: A memory corruption vulnerability was addressed with improved locking.
CVE-2021-30851: Samuel Groß of Google Project Zero
Wi-Fi
Available for: Apple Watch Series 3 and later
Impact: An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup
Description: An authorization issue was addressed with improved state management.
CVE-2021-30810: Peter Scott
Additional recognition
bootp
We would like to acknowledge Alexander Burke of alexburke.ca for their assistance.
FaceTime
We would like to acknowledge Mohammed Waqqas Kakangarai for their assistance.
Kernel
We would like to acknowledge Joshua Baums of Informatik Baums for their assistance.
Sandbox
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.
UIKit
We would like to acknowledge Jason Rendel of Diligent for their assistance.
UIKit
We would like to acknowledge Jason Rendel of Diligent for their assistance.
WebKit
We would like to acknowledge Nikhil Mittal (@c0d3G33k) for their assistance.
Wi-Fi
We would like to acknowledge Peter Scott for their assistance.
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.