Apple has released security updates to patch three zero-day vulnerabilities that attackers might have exploited in the wild.
In all three cases, Apple said that it is aware of reports that the security issues "
may have been actively exploited," but it didn't provide details on the attacks or threat actors who may have exploited the zero-days.
Exploitable for privacy bypass and code execution
Two of the three zero-days (tracked as
CVE-2021-30663 and CVE-2021-30665) impact WebKit on Apple TV 4K and Apple TV HD devices.
Webkit is Apple's browser rendering engine used by its web browsers and applications to render HTML content on its desktop and mobile platforms, including iOS, macOS, tvOS, and iPadOS.