EDB-36745
localosxVERIFIED
Apple Mac OSX - 'Rootpipe' Local Privilege Escalation (Metasploit)
CVE-2015-1130
Metasploit4/13/2015
CVE-2015-1130
7.8HIGHThe XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
Опубликовано: 4/10/2015Обновлено: 10/22/2025
Известная эксплуатируемая уязвимость CISA
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.
Требуемое действие:
Apply updates per vendor instructions.
Срок:
2022-08-10
Описание
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
ИИ-АнализНа базе ИИ
Затронутые продукты
applemac_os_x
Доступные эксплойты (2)
Ссылки
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlMailing ListVendor Advisory
- http://www.osvdb.org/120418Broken Link
- http://www.securityfocus.com/bid/73982ExploitThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032048Broken LinkThird Party AdvisoryVDB Entry
- https://support.apple.com/HT204659Vendor Advisory
- https://www.exploit-db.com/exploits/36692/ExploitThird Party AdvisoryVDB Entry
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlMailing ListVendor Advisory
- http://www.osvdb.org/120418Broken Link
- http://www.securityfocus.com/bid/73982ExploitThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032048Broken LinkThird Party AdvisoryVDB Entry
- https://support.apple.com/HT204659Vendor Advisory
- https://www.exploit-db.com/exploits/36692/ExploitThird Party AdvisoryVDB Entry
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1130