CVE-2015-1130
CVE-2015-1130
In short
A flaw in Apple OS X's Admin Framework allows local users to bypass authentication checks and gain administrator privileges without proper authorization. This is a privilege escalation vulnerability that affects systems before version 10.10.3.
Technical detail
The XPC (inter-process communication) implementation in the Admin Framework contains an authentication bypass vulnerability (CWE-59: improper link resolution) that allows authenticated local users to escalate privileges to admin level. The attack requires local access and occurs through unspecified XPC message handling vectors in the framework's privilege checking logic.
Summary generated and translated by AI from the official description.
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 5
githubgithub.com/sideeffect42/RootPipeTester★ 18githubgithub.com/Shmoopi/RootPipe-Demo★ 2cve_referencewww.exploit-db.com/exploits/36692/unverifiedexploitdbwww.exploit-db.com/exploits/36745unverifiedexploitdbwww.exploit-db.com/exploits/36692unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlhttps://support.apple.com/HT204659https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1130https://www.exploit-db.com/exploits/36692/http://www.osvdb.org/120418http://www.securityfocus.com/bid/73982http://www.securitytracker.com/id/1032048