Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-40531

Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.058
EPSS Ranking 90.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2021-40531
  • Sketch » Sketch » Version: 3.0
    cpe:2.3:a:sketch:sketch:3.0
  • Sketch » Sketch » Version: 3.0.1
    cpe:2.3:a:sketch:sketch:3.0.1
  • Sketch » Sketch » Version: 3.0.2
    cpe:2.3:a:sketch:sketch:3.0.2
  • Sketch » Sketch » Version: 3.0.3
    cpe:2.3:a:sketch:sketch:3.0.3
  • Sketch » Sketch » Version: 3.0.4
    cpe:2.3:a:sketch:sketch:3.0.4
  • Sketch » Sketch » Version: 3.1
    cpe:2.3:a:sketch:sketch:3.1
  • Sketch » Sketch » Version: 3.1.1
    cpe:2.3:a:sketch:sketch:3.1.1
  • Sketch » Sketch » Version: 3.2
    cpe:2.3:a:sketch:sketch:3.2
  • Sketch » Sketch » Version: 3.2.1
    cpe:2.3:a:sketch:sketch:3.2.1
  • Sketch » Sketch » Version: 3.2.2
    cpe:2.3:a:sketch:sketch:3.2.2
  • Sketch » Sketch » Version: 3.3
    cpe:2.3:a:sketch:sketch:3.3
  • Sketch » Sketch » Version: 3.3.1
    cpe:2.3:a:sketch:sketch:3.3.1
  • Sketch » Sketch » Version: 3.3.2
    cpe:2.3:a:sketch:sketch:3.3.2
  • Sketch » Sketch » Version: 3.3.3
    cpe:2.3:a:sketch:sketch:3.3.3
  • Sketch » Sketch » Version: 3.4
    cpe:2.3:a:sketch:sketch:3.4
  • Sketch » Sketch » Version: 3.4.1
    cpe:2.3:a:sketch:sketch:3.4.1
  • Sketch » Sketch » Version: 3.4.2
    cpe:2.3:a:sketch:sketch:3.4.2
  • Sketch » Sketch » Version: 3.4.3
    cpe:2.3:a:sketch:sketch:3.4.3
  • Sketch » Sketch » Version: 3.4.4
    cpe:2.3:a:sketch:sketch:3.4.4
  • Sketch » Sketch » Version: 3.5
    cpe:2.3:a:sketch:sketch:3.5
  • Sketch » Sketch » Version: 3.5.1
    cpe:2.3:a:sketch:sketch:3.5.1
  • Sketch » Sketch » Version: 3.5.2
    cpe:2.3:a:sketch:sketch:3.5.2
  • Sketch » Sketch » Version: 3.6
    cpe:2.3:a:sketch:sketch:3.6
  • Sketch » Sketch » Version: 3.6.1
    cpe:2.3:a:sketch:sketch:3.6.1
  • Sketch » Sketch » Version: 3.7
    cpe:2.3:a:sketch:sketch:3.7
  • Sketch » Sketch » Version: 3.7.1
    cpe:2.3:a:sketch:sketch:3.7.1
  • Sketch » Sketch » Version: 3.7.2
    cpe:2.3:a:sketch:sketch:3.7.2
  • Sketch » Sketch » Version: 3.8
    cpe:2.3:a:sketch:sketch:3.8
  • Sketch » Sketch » Version: 3.8.1
    cpe:2.3:a:sketch:sketch:3.8.1
  • Sketch » Sketch » Version: 3.8.2
    cpe:2.3:a:sketch:sketch:3.8.2
  • Sketch » Sketch » Version: 3.8.3
    cpe:2.3:a:sketch:sketch:3.8.3
  • Sketch » Sketch » Version: 39
    cpe:2.3:a:sketch:sketch:39
  • Sketch » Sketch » Version: 39.1
    cpe:2.3:a:sketch:sketch:39.1
  • Sketch » Sketch » Version: 40
    cpe:2.3:a:sketch:sketch:40
  • Sketch » Sketch » Version: 40.1
    cpe:2.3:a:sketch:sketch:40.1
  • Sketch » Sketch » Version: 40.2
    cpe:2.3:a:sketch:sketch:40.2
  • Sketch » Sketch » Version: 40.3
    cpe:2.3:a:sketch:sketch:40.3
  • Sketch » Sketch » Version: 41
    cpe:2.3:a:sketch:sketch:41
  • Sketch » Sketch » Version: 41.1
    cpe:2.3:a:sketch:sketch:41.1
  • Sketch » Sketch » Version: 41.2
    cpe:2.3:a:sketch:sketch:41.2
  • Sketch » Sketch » Version: 42
    cpe:2.3:a:sketch:sketch:42
  • Sketch » Sketch » Version: 43
    cpe:2.3:a:sketch:sketch:43
  • Sketch » Sketch » Version: 43.1
    cpe:2.3:a:sketch:sketch:43.1
  • Sketch » Sketch » Version: 43.2
    cpe:2.3:a:sketch:sketch:43.2
  • Sketch » Sketch » Version: 44
    cpe:2.3:a:sketch:sketch:44
  • Sketch » Sketch » Version: 44.1
    cpe:2.3:a:sketch:sketch:44.1
  • Sketch » Sketch » Version: 45
    cpe:2.3:a:sketch:sketch:45
  • Sketch » Sketch » Version: 45.1
    cpe:2.3:a:sketch:sketch:45.1
  • Sketch » Sketch » Version: 45.2
    cpe:2.3:a:sketch:sketch:45.2
  • Sketch » Sketch » Version: 46
    cpe:2.3:a:sketch:sketch:46
  • Sketch » Sketch » Version: 46.1
    cpe:2.3:a:sketch:sketch:46.1
  • Sketch » Sketch » Version: 46.2
    cpe:2.3:a:sketch:sketch:46.2
  • Sketch » Sketch » Version: 47
    cpe:2.3:a:sketch:sketch:47
  • Sketch » Sketch » Version: 47.1
    cpe:2.3:a:sketch:sketch:47.1
  • Sketch » Sketch » Version: 48
    cpe:2.3:a:sketch:sketch:48
  • Sketch » Sketch » Version: 48.1
    cpe:2.3:a:sketch:sketch:48.1
  • Sketch » Sketch » Version: 48.2
    cpe:2.3:a:sketch:sketch:48.2
  • Sketch » Sketch » Version: 49
    cpe:2.3:a:sketch:sketch:49
  • Sketch » Sketch » Version: 49.1
    cpe:2.3:a:sketch:sketch:49.1
  • Sketch » Sketch » Version: 49.2
    cpe:2.3:a:sketch:sketch:49.2
  • Sketch » Sketch » Version: 49.3
    cpe:2.3:a:sketch:sketch:49.3
  • Sketch » Sketch » Version: 50
    cpe:2.3:a:sketch:sketch:50
  • Sketch » Sketch » Version: 50.1
    cpe:2.3:a:sketch:sketch:50.1
  • Sketch » Sketch » Version: 51
    cpe:2.3:a:sketch:sketch:51
  • Sketch » Sketch » Version: 51.1
    cpe:2.3:a:sketch:sketch:51.1
  • Sketch » Sketch » Version: 51.2
    cpe:2.3:a:sketch:sketch:51.2
  • Sketch » Sketch » Version: 51.3
    cpe:2.3:a:sketch:sketch:51.3
  • Sketch » Sketch » Version: 52
    cpe:2.3:a:sketch:sketch:52
  • Sketch » Sketch » Version: 52.1
    cpe:2.3:a:sketch:sketch:52.1
  • Sketch » Sketch » Version: 52.2
    cpe:2.3:a:sketch:sketch:52.2
  • Sketch » Sketch » Version: 52.3
    cpe:2.3:a:sketch:sketch:52.3
  • Sketch » Sketch » Version: 52.4
    cpe:2.3:a:sketch:sketch:52.4
  • Sketch » Sketch » Version: 52.5
    cpe:2.3:a:sketch:sketch:52.5
  • Sketch » Sketch » Version: 52.6
    cpe:2.3:a:sketch:sketch:52.6
  • Sketch » Sketch » Version: 53
    cpe:2.3:a:sketch:sketch:53
  • Sketch » Sketch » Version: 53.1
    cpe:2.3:a:sketch:sketch:53.1
  • Sketch » Sketch » Version: 53.2
    cpe:2.3:a:sketch:sketch:53.2
  • Sketch » Sketch » Version: 54
    cpe:2.3:a:sketch:sketch:54
  • Sketch » Sketch » Version: 54.1
    cpe:2.3:a:sketch:sketch:54.1
  • Sketch » Sketch » Version: 55.1
    cpe:2.3:a:sketch:sketch:55.1
  • Sketch » Sketch » Version: 55.2
    cpe:2.3:a:sketch:sketch:55.2
  • Sketch » Sketch » Version: 56
    cpe:2.3:a:sketch:sketch:56
  • Sketch » Sketch » Version: 56.1
    cpe:2.3:a:sketch:sketch:56.1
  • Sketch » Sketch » Version: 56.2
    cpe:2.3:a:sketch:sketch:56.2
  • Sketch » Sketch » Version: 56.3
    cpe:2.3:a:sketch:sketch:56.3
  • Sketch » Sketch » Version: 57
    cpe:2.3:a:sketch:sketch:57
  • Sketch » Sketch » Version: 57.1
    cpe:2.3:a:sketch:sketch:57.1
  • Sketch » Sketch » Version: 58
    cpe:2.3:a:sketch:sketch:58
  • Sketch » Sketch » Version: 59
    cpe:2.3:a:sketch:sketch:59
  • Sketch » Sketch » Version: 59.1
    cpe:2.3:a:sketch:sketch:59.1
  • Sketch » Sketch » Version: 60
    cpe:2.3:a:sketch:sketch:60
  • Sketch » Sketch » Version: 60.1
    cpe:2.3:a:sketch:sketch:60.1
  • Sketch » Sketch » Version: 61
    cpe:2.3:a:sketch:sketch:61
  • Sketch » Sketch » Version: 61.1
    cpe:2.3:a:sketch:sketch:61.1
  • Sketch » Sketch » Version: 61.2
    cpe:2.3:a:sketch:sketch:61.2
  • Sketch » Sketch » Version: 62
    cpe:2.3:a:sketch:sketch:62
  • Sketch » Sketch » Version: 63
    cpe:2.3:a:sketch:sketch:63
  • Sketch » Sketch » Version: 63.1
    cpe:2.3:a:sketch:sketch:63.1
  • Sketch » Sketch » Version: 64
    cpe:2.3:a:sketch:sketch:64
  • Sketch » Sketch » Version: 65
    cpe:2.3:a:sketch:sketch:65
  • Sketch » Sketch » Version: 65.1
    cpe:2.3:a:sketch:sketch:65.1
  • Sketch » Sketch » Version: 66
    cpe:2.3:a:sketch:sketch:66
  • Sketch » Sketch » Version: 66.1
    cpe:2.3:a:sketch:sketch:66.1
  • Sketch » Sketch » Version: 67
    cpe:2.3:a:sketch:sketch:67
  • Sketch » Sketch » Version: 67.1
    cpe:2.3:a:sketch:sketch:67.1
  • Sketch » Sketch » Version: 67.2
    cpe:2.3:a:sketch:sketch:67.2
  • Sketch » Sketch » Version: 68
    cpe:2.3:a:sketch:sketch:68
  • Sketch » Sketch » Version: 68.1
    cpe:2.3:a:sketch:sketch:68.1
  • Sketch » Sketch » Version: 68.2
    cpe:2.3:a:sketch:sketch:68.2
  • Sketch » Sketch » Version: 69
    cpe:2.3:a:sketch:sketch:69
  • Sketch » Sketch » Version: 69.1
    cpe:2.3:a:sketch:sketch:69.1
  • Sketch » Sketch » Version: 69.2
    cpe:2.3:a:sketch:sketch:69.2
  • Sketch » Sketch » Version: 70
    cpe:2.3:a:sketch:sketch:70
  • Sketch » Sketch » Version: 70.1
    cpe:2.3:a:sketch:sketch:70.1
  • Sketch » Sketch » Version: 70.2
    cpe:2.3:a:sketch:sketch:70.2
  • Sketch » Sketch » Version: 70.3
    cpe:2.3:a:sketch:sketch:70.3
  • Sketch » Sketch » Version: 70.4
    cpe:2.3:a:sketch:sketch:70.4
  • Sketch » Sketch » Version: 70.5
    cpe:2.3:a:sketch:sketch:70.5
  • Sketch » Sketch » Version: 70.6
    cpe:2.3:a:sketch:sketch:70.6
  • Sketch » Sketch » Version: 71
    cpe:2.3:a:sketch:sketch:71
  • Sketch » Sketch » Version: 71.1
    cpe:2.3:a:sketch:sketch:71.1
  • Sketch » Sketch » Version: 71.2
    cpe:2.3:a:sketch:sketch:71.2
  • Sketch » Sketch » Version: 72.1
    cpe:2.3:a:sketch:sketch:72.1
  • Sketch » Sketch » Version: 72.2
    cpe:2.3:a:sketch:sketch:72.2
  • Sketch » Sketch » Version: 72.3
    cpe:2.3:a:sketch:sketch:72.3
  • Sketch » Sketch » Version: 72.4
    cpe:2.3:a:sketch:sketch:72.4
  • Sketch » Sketch » Version: 73
    cpe:2.3:a:sketch:sketch:73
  • Sketch » Sketch » Version: 73.1
    cpe:2.3:a:sketch:sketch:73.1
  • Sketch » Sketch » Version: 74.1
    cpe:2.3:a:sketch:sketch:74.1
  • Apple » Macos » Version: N/A
    cpe:2.3:o:apple:macos:-


Products
Pricing
Contact Us

Shodan ® - All rights reserved