EDB-36745
localosxVERIFIED
Apple Mac OSX - 'Rootpipe' Local Privilege Escalation (Metasploit)
CVE-2015-1130
Metasploit4/13/2015
CVE-2015-1130
7.8HIGHThe XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
Published: 4/10/2015Updated: 10/22/2025
CISA Known Exploited Vulnerability
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.
Required Action:
Apply updates per vendor instructions.
Due Date:
2022-08-10
Description
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
AI AnalysisPowered by AI
Affected Products
applemac_os_x
Available Exploits (2)
References
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlMailing ListVendor Advisory
- http://www.osvdb.org/120418Broken Link
- http://www.securityfocus.com/bid/73982ExploitThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032048Broken LinkThird Party AdvisoryVDB Entry
- https://support.apple.com/HT204659Vendor Advisory
- https://www.exploit-db.com/exploits/36692/ExploitThird Party AdvisoryVDB Entry
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlMailing ListVendor Advisory
- http://www.osvdb.org/120418Broken Link
- http://www.securityfocus.com/bid/73982ExploitThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032048Broken LinkThird Party AdvisoryVDB Entry
- https://support.apple.com/HT204659Vendor Advisory
- https://www.exploit-db.com/exploits/36692/ExploitThird Party AdvisoryVDB Entry
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1130