What is the iOS App Sandbox?
The iOS app sandbox is a fundamental security boundary enforcing that each app can only access its own data and a limited set of system resources — apps cannot read other apps' files, access sensitive hardware (camera, microphone, contacts) without explicit permission, or communicate with arbitrary system components. The sandbox is enforced by the XNU kernel and runs every app in an isolated environment. Sandbox bypass vulnerabilities are high-value because they allow a compromised process (typically a WebKit renderer that has been exploited via a malicious web page or iMessage) to escape its isolation and reach sensitive resources or escalate privileges — converting limited renderer code execution into broader system access.
Overview
CVE-2021-31010 is a deserialization vulnerability (CWE-502) in Apple iOS, macOS, and watchOS that allows a sandboxed process to circumvent sandbox restrictions. The vulnerability has a Network attack vector (AV:N) with no user interaction required (UI:N), reflecting that the flaw can be triggered through network-delivered data processed by a sandboxed component. Apple patched this in the September 13, 2021 emergency release — the same update that addressed the FORCEDENTRY exploit chain (CVE-2021-30860, CVE-2021-30858, CVE-2021-30869). CISA added it to the KEV catalog in August 2022, eleven months after the patch.
Affected Versions
| Product | Vulnerable | Fixed |
|---|---|---|
| iOS before 14.8 | Yes | iOS 14.8 (September 13, 2021) |
| iPadOS before 14.8 | Yes | iPadOS 14.8 (September 13, 2021) |
| macOS Big Sur before 11.6 | Yes | macOS Big Sur 11.6 (September 13, 2021) |
| watchOS before 7.6.2 | Yes | watchOS 7.6.2 (September 13, 2021) |
Technical Details
- Root cause: Deserialization of untrusted data (CWE-502) — a sandboxed system component deserializes network-received data without sufficient validation, allowing an attacker to manipulate the deserialization process and trigger execution outside the expected sandbox context
- Sandbox escape mechanism: The deserialization flaw allows a process operating within iOS sandbox restrictions to bypass those restrictions — enabling access to resources, files, or APIs that should be unavailable to sandboxed code
- Network-reachable (AV:N, UI:N): Unlike most iOS LPE bugs that require local application execution, this vulnerability can be triggered remotely through data received over a network connection by a sandboxed process, making it useful in zero-click or near-zero-click exploit chains
- Chain component: In the FORCEDENTRY context, a sandbox bypass like CVE-2021-31010 bridges renderer code execution and kernel privilege escalation — it expands the attacker's reach beyond the initial sandboxed process without requiring a separate kernel exploit
- Integrity-only impact (C:N/I:H/A:N): The CVSS vector records the sandbox boundary violation as a high integrity impact with no direct confidentiality or availability impact; in practice, a sandbox escape is the step that opens the way to subsequent higher-privilege exploitation
Discovery
Patched as part of Apple's September 13, 2021 emergency release addressing the complete FORCEDENTRY exploit chain. The simultaneous patching of this sandbox bypass alongside the FORCEDENTRY CoreGraphics and XNU vulnerabilities suggests it was identified as a component of the commercial spyware exploitation infrastructure analyzed by Citizen Lab and Google Project Zero.
Exploitation Context
CVE-2021-31010 was patched in the same emergency release as FORCEDENTRY — Apple's largest single iOS security response to commercial spyware exploitation. In sophisticated iOS exploit chains, sandbox bypass vulnerabilities provide the intermediate step between initial code execution in a restricted rendering process and full kernel privilege escalation. The August 2022 CISA KEV addition (eleven months after the patch) reflects ongoing exploitation against organizations whose iOS fleets still run versions older than iOS 14.8; such devices remain a target for commercial surveillance operators, who reuse exploit chains against unpatched devices well after public disclosure.
Remediation
- Update iOS/iPadOS to 14.8 or later (any current iOS release contains the fix)
- Update macOS to Big Sur 11.6 or later
- Update watchOS to 7.6.2 or later
- All components of the September 2021 FORCEDENTRY patch (CVE-2021-30858, CVE-2021-30860, CVE-2021-30869) are fixed in the same release — updating to iOS 14.8 addresses the complete chain
- Enable automatic software updates to minimize exposure windows for future vulnerabilities
- For high-risk individuals: Lockdown Mode (iOS 16+) restricts attack surfaces including iMessage content processing and web content rendering that sandbox bypass vulnerabilities commonly target
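A fleet check against the fixed releases in the Affected Versions table, as an added example that is not Apple's, CISA's or the original page's tooling. It assumes a hypothetical MDM export in a `platform,version,device` CSV layout and uses constructed sample rows; any release older than the fixed one is flagged, including older major versions the table does not list, following the "or later" wording of the remediation steps above.

```python
import csv
from io import StringIO
from typing import Optional

# Fixed releases from the Affected Versions table; anything older needs the update.
FIXED = {"iOS": (14, 8), "iPadOS": (14, 8), "macOS": (11, 6), "watchOS": (7, 6, 2)}

# Constructed sample inventory in a hypothetical MDM export format.
SAMPLE_INVENTORY = """platform,version,device
iOS,14.7.1,phone-0001
iOS,14.8,phone-0002
iPadOS,15.1,tablet-0001
macOS,11.5.2,laptop-0001
macOS,12.0.1,laptop-0002
watchOS,7.6,watch-0001
watchOS,7.6.2,watch-0002
tvOS,14.7,appletv-0001
"""


def parse_version(text: str) -> tuple:
    """Turn '14.7.1' into (14, 7, 1) so tuples compare numerically; a plain
    string compare would wrongly rank '14.10' below '14.8'."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(platform: str, version: str) -> Optional[bool]:
    """True if the device runs a release older than the fix; None when the
    platform is not covered by the advisory table (no claim is made about it)."""
    fixed = FIXED.get(platform)
    if fixed is None:
        return None
    return parse_version(version) < fixed


def exposed_devices(inventory_csv: str) -> list:
    """Return the device names that still need the September 2021 update."""
    rows = csv.DictReader(StringIO(inventory_csv))
    return [r["device"] for r in rows if is_vulnerable(r["platform"], r["version"])]


if __name__ == "__main__":
    for device in exposed_devices(SAMPLE_INVENTORY):
        print("needs update:", device)
```

Note that (7, 6) sorts below (7, 6, 2), so a watch reporting "7.6" is correctly flagged even though it shares the first two version components with the fix.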
Key Details
| Property | Value |
|---|---|
| CVE ID | CVE-2021-31010 |
| Vendor / Product | Apple — iOS, macOS, watchOS |
| NVD Published | 2021-08-24 |
| NVD Last Modified | 2025-10-23 |
| CVSS 3.1 Score | 7.5 |
| CVSS 3.1 Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
| Severity | HIGH |
| CWE | CWE-502 |
| CISA KEV Added | 2022-08-25 |
| CISA KEV Deadline | 2022-09-15 |
| Known Ransomware Use | No |
Timeline
| Date | Event |
|---|---|
| 2021-08-24 | CVE published |
| 2021-09-13 | Apple releases iOS 14.8, macOS Big Sur 11.6, and watchOS 7.6.2 patching CVE-2021-31010 — same emergency release that patched FORCEDENTRY (CVE-2021-30860) |
| 2022-08-25 | Added to CISA Known Exploited Vulnerabilities catalog — eleven months after patch |
| 2022-09-15 | CISA BOD 22-01 remediation deadline |
References
| Resource | Type |
|---|---|
| Apple Security Advisory — iOS 14.8 and iPadOS 14.8 | Vendor Advisory |
| Apple Security Advisory — macOS Big Sur 11.6 | Vendor Advisory |
| Apple Security Advisory — watchOS 7.6.2 | Vendor Advisory |
| NVD — CVE-2021-31010 | Vulnerability Database |
| CISA KEV Catalog Entry | US Government |