Sign-up

ID

VAR-201504-0081


CVE

CVE-2015-1130


TITLE

Apple OS X of Admin Framework of XPC Vulnerabilities that prevent authentication from being implemented

Trust: 0.8

sources: JVNDB: JVNDB-2015-002163

DESCRIPTION

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlAuthentication bypassed by local users, and admin You may get permission. The update addresses new vulnerabilities that affect the Admin Framework, ATS, CoreAnimation, Graphics Driver, Hypervisor, ImageIO, IOHIDFamily, Kernel, LaunchServices, UniformTypeIdentifiers, Security - Code Signing, Open Directory Client, and Screen Sharing components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information and perform other attacks. These issues affect Mac OS X prior to 10.10.3

Trust: 2.07

sources: NVD: CVE-2015-1130 // JVNDB: JVNDB-2015-002163 // BID: 73982 // VULHUB: VHN-79090 // VULMON: CVE-2015-1130

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:ltversion:10.10.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.10 to 10.10.2

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.10.2

Trust: 0.6

sources: JVNDB: JVNDB-2015-002163 // CNNVD: CNNVD-201504-155 // NVD: CVE-2015-1130

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-1130
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2015-1130
value: HIGH

Trust: 1.0

NVD: CVE-2015-1130
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201504-155
value: HIGH

Trust: 0.6

VULHUB: VHN-79090
value: HIGH

Trust: 0.1

VULMON: CVE-2015-1130
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-1130
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-79090
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-1130
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

sources: VULHUB: VHN-79090 // VULMON: CVE-2015-1130 // JVNDB: JVNDB-2015-002163 // CNNVD: CNNVD-201504-155 // NVD: CVE-2015-1130 // NVD: CVE-2015-1130

PROBLEMTYPE DATA

problemtype:CWE-59

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

problemtype:CWE-254

Trust: 0.1

sources: VULHUB: VHN-79090 // JVNDB: JVNDB-2015-002163 // NVD: CVE-2015-1130

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201504-155

TYPE

Unknown

Trust: 0.3

sources: BID: 73982

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-002163

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-79090 // 
            
            
            
            VULMON: CVE-2015-1130

PATCH
title:APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004url:http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
Trust: 0.8
title:HT204659url:http://support.apple.com/en-us/HT204659
Trust: 0.8
title:HT204659url:http://support.apple.com/ja-jp/HT204659
Trust: 0.8
title:OSXUpd10.10.3url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54848
Trust: 0.6
title:iPhone7,1_8.3_12F70_Restoreurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54847
Trust: 0.6
title:AppleTV3,2_7.2_12F69_Restoreurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54849
Trust: 0.6
title:The Registerurl:https://www.theregister.co.uk/2015/05/07/mac_malware/
Trust: 0.2
title:The Registerurl:https://www.theregister.co.uk/2015/04/10/hacker_digs_up_os_x_root_backdoor/
Trust: 0.2
title: - url:https://github.com/MrE-Fog/RootPipe-Demo 
Trust: 0.1
title:rootpipourl:https://github.com/melomac/rootpipo 
Trust: 0.1
title:RootPipe-Demourl:https://github.com/Shmoopi/RootPipe-Demo 
Trust: 0.1
title:suid_scanurl:https://github.com/univ-of-utah-marriott-library-apple/suid_scan 
Trust: 0.1
title:RootPipeTesterurl:https://github.com/sideeffect42/RootPipeTester 
Trust: 0.1
title:source_code_analyzerurl:https://github.com/svartkanin/source_code_analyzer 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2015-1130 // 
            
            
            
            JVNDB: JVNDB-2015-002163 // 
            
            
            
            CNNVD: CNNVD-201504-155

EXTERNAL IDS
db:NVDid:CVE-2015-1130
Trust: 2.9
db:BIDid:73982
Trust: 1.5
db:SECTRACKid:1032048
Trust: 1.2
db:OSVDBid:120418
Trust: 1.2
db:EXPLOIT-DBid:36692
Trust: 1.2
db:JVNid:JVNVU91828320
Trust: 0.8
db:JVNDBid:JVNDB-2015-002163
Trust: 0.8
db:CNNVDid:CNNVD-201504-155
Trust: 0.7
db:ZDIid:ZDI-15-121
Trust: 0.3
db:ZDIid:ZDI-15-165
Trust: 0.3
db:PACKETSTORMid:131381
Trust: 0.1
db:PACKETSTORMid:131368
Trust: 0.1
db:SEEBUGid:SSVID-89389
Trust: 0.1
db:EXPLOIT-DBid:36745
Trust: 0.1
db:VULHUBid:VHN-79090
Trust: 0.1
db:VULMONid:CVE-2015-1130
Trust: 0.1
sources:
            
            
            VULHUB: VHN-79090 // 
            
            
            
            VULMON: CVE-2015-1130 // 
            
            
            
            BID: 73982 // 
            
            
            
            JVNDB: JVNDB-2015-002163 // 
            
            
            
            CNNVD: CNNVD-201504-155 // 
            
            
            
            NVD: CVE-2015-1130

REFERENCES
url:http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html
Trust: 1.8
url:https://support.apple.com/ht204659
Trust: 1.8
url:http://www.securityfocus.com/bid/73982
Trust: 1.3
url:https://www.exploit-db.com/exploits/36692/
Trust: 1.3
url:http://www.osvdb.org/120418
Trust: 1.2
url:http://www.securitytracker.com/id/1032048
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1130
Trust: 0.8
url:http://jvn.jp/vu/jvnvu91828320/index.html
Trust: 0.8
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1130
Trust: 0.8
url:http://www.apple.com/macosx/
Trust: 0.3
url:https://support.apple.com/en-us/ht204659
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-15-165/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-15-121/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/254.html
Trust: 0.1
url:https://github.com/mre-fog/rootpipe-demo
Trust: 0.1
url:https://github.com/melomac/rootpipo
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-79090 // 
            
            
            
            VULMON: CVE-2015-1130 // 
            
            
            
            BID: 73982 // 
            
            
            
            JVNDB: JVNDB-2015-002163 // 
            
            
            
            CNNVD: CNNVD-201504-155 // 
            
            
            
            NVD: CVE-2015-1130

CREDITS
Apple, Emil Kvarnhammar at TrueSec, Ian Beer of Google Project Zero, Frank Graziano and John Villamil of the Yahoo Pentest Team, Izik Eidus and Alex Fishman, lokihardt@ASRT working with HP's Zero Day Initiative, Luca Todesco, and Ole Andre Vadla Ravnas of
Trust: 0.3
sources:
            
            
            BID: 73982

SOURCES
db:VULHUBid:VHN-79090
db:VULMONid:CVE-2015-1130
db:BIDid:73982
db:JVNDBid:JVNDB-2015-002163
db:CNNVDid:CNNVD-201504-155
db:NVDid:CVE-2015-1130

LAST UPDATE DATE
2025-02-14T21:15:58.133000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-79090date:2015-09-17T00:00:00
db:VULMONid:CVE-2015-1130date:2015-09-17T00:00:00
db:BIDid:73982date:2015-05-12T19:47:00
db:JVNDBid:JVNDB-2015-002163date:2015-04-13T00:00:00
db:CNNVDid:CNNVD-201504-155date:2015-04-14T00:00:00
db:NVDid:CVE-2015-1130date:2025-02-14T16:20:08.967

SOURCES RELEASE DATE
db:VULHUBid:VHN-79090date:2015-04-10T00:00:00
db:VULMONid:CVE-2015-1130date:2015-04-10T00:00:00
db:BIDid:73982date:2015-04-08T00:00:00
db:JVNDBid:JVNDB-2015-002163date:2015-04-13T00:00:00
db:CNNVDid:CNNVD-201504-155date:2015-04-14T00:00:00
db:NVDid:CVE-2015-1130date:2015-04-10T14:59:43.073