On 26 July 2021, Apple released an out-of-band security update to address an actively exploited vulnerability. Timely updates are recommended.
The issue, tracked as CVE-2021-30807, is in the subsystem of the IOMobileFramebuffer kernel extension. It is a local privilege escalation (LPE) flaw allowing a local application to trigger memory corruption and execute malicious code with kernel privileges.
Apple reported that this issue may have been actively exploited.
The versions of Apple products fixing this vulnerability are iOS 14.7.1, iPadOS 14.7.1, and macOS Big Sur 11.5.1.
If you are using any of the vulnerable Apple products, ensure you have the latest updates installed.
Check for and install software updates on your device manually by going to Settings > General > Software Update.