The XPC implementation in Admin Framework in Apple OS X prior to 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |
'I love Apple products, I just wish they were secure'
A former NSA staffer turned security researcher is warning that bypassing typical OS X security tools is trivial. Patrick Wardle, a former NSA staffer and NASA intern who now heads up research at crowd-sourced security intelligence firm Synack, found that Apple's defensive Gatekeeper technology can be bypassed allowing unsigned code to run. Apple's Gatekeeper utility is pre-installed in Mac OS X PCs and used to verify code. The tool is designed so that by default it will only allow signed code t...
Unless you're happy with an odd root 'backdoor' lurking on your machine, that is
Swedish hacker Emil Kvarnhammar has reported a since-fixed four-year-old local root 'backdoor' OS X that allows remote attackers to increase the damage of their hacks. Kvarnhammar says the unpublished API, which he dubs a backdoor, grants root access to local users on unpatched boxes. The flaw (CVE-2015-1130) is fixed in Apple's patch run this week but for machines running OS X 10.10.x only. Kvarnhammar says it is useful as a means to bolster remote attacks that use regular user accounts which l...