Sign-up

ID

VAR-201704-0340


CVE

CVE-2016-7585


TITLE

Apple macOS of EFI In the component FileVault 2 Vulnerability in obtaining encrypted passwords

Trust: 0.8

sources: JVNDB: JVNDB-2017-002432

DESCRIPTION

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. EFI is one of the firmware upgrade interface components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-03-27-3 macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite are now available and address the following: apache Available for: macOS Sierra 10.12.3 Impact: A remote attacker may be able to cause a denial of service Description: Multiple issues existed in Apache before 2.4.25. These were addressed by updating LibreSSL to version 2.4.25. CVE-2016-0736: an anonymous researcher CVE-2016-2161: an anonymous researcher CVE-2016-5387: an anonymous researcher CVE-2016-8740: an anonymous researcher CVE-2016-8743: an anonymous researcher apache_mod_php Available for: macOS Sierra 10.12.3 Impact: Multiple issues existed in PHP before 5.6.30 Description: Multiple issues existed in PHP before 5.6.30. These were addressed by updating PHP to version 5.6.30. CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-9935 AppleGraphicsPowerManagement Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed through improved memory handling. CVE-2017-2421: @cocoahuke AppleRAID Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-2017-2438: sss and Axis of 360Nirvanteam Audio Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2430: an anonymous researcher working with Trend Microas Zero Day Initiative CVE-2017-2462: an anonymous researcher working with Trend Microas Zero Day Initiative Bluetooth Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2017-2420: Pekka Oikarainen, Matias Karhumaa and Marko Laakso of Synopsys Software Integrity Group Bluetooth Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2017-2427: Axis and sss of Qihoo 360 Nirvan Team Bluetooth Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-2017-2449: sss and Axis from 360NirvanTeam Carbon Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted .dfont file may lead to arbitrary code execution Description: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking. CVE-2017-2379: riusksk (ae3aY=) of Tencent Security Platform Department, John Villamil, Doyensec CoreGraphics Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted image may lead to a denial of service Description: An infinite recursion was addressed through improved state management. CVE-2017-2417: riusksk (ae3aY=) of Tencent Security Platform Department CoreMedia Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted .mov file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of .mov files. This issue was addressed through improved memory management. CVE-2017-2431: kimyok of Tencent Security Platform Department CoreText Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2435: John Villamil, Doyensec CoreText Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed through improved input validation. CVE-2017-2450: John Villamil, Doyensec CoreText Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted text message may lead to application denial of service Description: A resource exhaustion issue was addressed through improved input validation. CVE-2017-2461: Isaac Archambault of IDAoADI, an anonymous researcher curl Available for: macOS Sierra 10.12.3 Impact: Maliciously crafted user input to libcurl API may allow arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2016-9586: Daniel Stenberg of Mozilla EFI Available for: macOS Sierra 10.12.3 Impact: A malicious Thunderbolt adapter may be able to recover the FileVault 2 encryption password Description: An issue existed in the handling of DMA. This issue was addressed by enabling VT-d in EFI. CVE-2016-7585: Ulf Frisk (@UlfFrisk) FinderKit Available for: macOS Sierra 10.12.3 Impact: Permissions may unexpectedly reset when sending links Description: A permission issue existed in the handling of the Send Link feature of iCloud Sharing. This issue was addressed through improved permission controls. CVE-2017-2429 FontParser Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation. CVE-2017-2406: riusksk (ae3aY=) of Tencent Security Platform Department CVE-2017-2487: riusksk (ae3aY=) of Tencent Security Platform Department FontParser Available for: macOS Sierra 10.12.3 Impact: Parsing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation. CVE-2017-2407: riusksk (ae3aY=) of Tencent Security Platform Department FontParser Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed through improved input validation. CVE-2017-2439: John Villamil, Doyensec HTTPProtocol Available for: macOS Sierra 10.12.3 Impact: A malicious HTTP/2 server may be able to cause undefined behavior Description: Multiple issues existed in nghttp2 before 1.17.0. These were addressed by updating LibreSSL to version 1.17.0. CVE-2017-2428 Hypervisor Available for: macOS Sierra 10.12.3 Impact: Applications using the Hypervisor framework may unexpectedly leak the CR8 control register between guest and host Description: An information leakage issue was addressed through improved state management. CVE-2017-2418: Alex Fishman and Izik Eidus of Veertu Inc. iBooks Available for: macOS Sierra 10.12.3 Impact: Parsing a maliciously crafted iBooks file may lead to local file disclosure Description: An information leak existed in the handling of file URLs. This issue was addressed through improved URL handling. CVE-2017-2426: Craig Arendt of Stratum Security, Jun Kokatsu (@shhnjk) ImageIO Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2416: Qidan He (a1/2ae*a,1, @flanker_hqd) of KeenLab, Tencent ImageIO Available for: macOS Sierra 10.12.3, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2432: an anonymous researcher working with Trend Micro's Zero Day Initiative ImageIO Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2467 ImageIO Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted image may lead to unexpected application termination Description: An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in ImageIO to version 4.0.7. CVE-2016-3619 Intel Graphics Driver Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2443: Ian Beer of Google Project Zero IOATAFamily Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2017-2408: Yangkang (@dnpushme) of Qihoo360 Qex Team IOFireWireAVC Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2436: Orr A, IBM Security IOFireWireAVC Available for: macOS Sierra 10.12.3 Impact: A local attacker may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2437: Benjamin Gnahm (@mitp0sh) of Blue Frost Security IOFireWireFamily Available for: macOS Sierra 10.12.3 Impact: An application may be able to cause a denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2017-2388: Brandon Azad, an anonymous researcher Kernel Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2398: Lufeng Li of Qihoo 360 Vulcan Team CVE-2017-2401: Lufeng Li of Qihoo 360 Vulcan Team Kernel Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An input validation issue existed in the kernel. This issue was addressed through improved input validation. CVE-2017-2410: Apple Kernel Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2017-2440: an anonymous researcher Kernel Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to execute arbitrary code with root privileges Description: A race condition was addressed through improved memory handling. CVE-2017-2456: lokihardt of Google Project Zero Kernel Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-2017-2472: Ian Beer of Google Project Zero Kernel Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2473: Ian Beer of Google Project Zero Kernel Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: An off-by-one issue was addressed through improved bounds checking. CVE-2017-2474: Ian Beer of Google Project Zero Kernel Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed through improved locking. CVE-2017-2478: Ian Beer of Google Project Zero Kernel Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-2482: Ian Beer of Google Project Zero CVE-2017-2483: Ian Beer of Google Project Zero Keyboards Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-2458: Shashank (@cyberboyIndia) libarchive Available for: macOS Sierra 10.12.3 Impact: A local attacker may be able to change file system permissions on arbitrary directories Description: A validation issue existed in the handling of symlinks. This issue was addressed through improved validation of symlinks. CVE-2017-2390: Omer Medan of enSilo Ltd libc++abi Available for: macOS Sierra 10.12.3 Impact: Demangling a malicious C++ application may lead to arbitrary code execution Description: A use after free issue was addressed through improved memory management. CVE-2017-2441 LibreSSL Available for: macOS Sierra 10.12.3, and OS X El Capitan v10.11.6 Impact: A local user may be able to leak sensitive user information Description: A timing side channel allowed an attacker to recover keys. This issue was addressed by introducing constant time computation. CVE-2016-7056: Cesar Pereida GarcAa and Billy Brumley (Tampere University of Technology) MCX Client Available for: macOS Sierra 10.12.3 Impact: Removing a configuration profile with multiple payloads may not remove Active Directory certificate trust Description: An issue existed in profile uninstallation. This issue was addressed through improved cleanup. CVE-2017-2402: an anonymous researcher Menus Available for: macOS Sierra 10.12.3 Impact: An application may be able to disclose process memory Description: An out-of-bounds read was addressed through improved input validation. CVE-2017-2409: Sergey Bylokhov Multi-Touch Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2017-2422: @cocoahuke OpenSSH Available for: macOS Sierra 10.12.3 Impact: Multiple issues in OpenSSH Description: Multiple issues existed in OpenSSH before version 7.4. These were addressed by updating OpenSSH to version 7.4. CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 OpenSSL Available for: macOS Sierra 10.12.3 Impact: A local user may be able to leak sensitive user information Description: A timing side channel issue was addressed by using constant time computation. CVE-2016-7056: Cesar Pereida GarcAa and Billy Brumley (Tampere University of Technology) Printing Available for: macOS Sierra 10.12.3 Impact: Clicking a malicious IPP(S) link may lead to arbitrary code execution Description: An uncontrolled format string issue was addressed through improved input validation. CVE-2017-2403: beist of GrayHash python Available for: macOS Sierra 10.12.3 Impact: Processing maliciously crafted zip archives with Python may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of zip archives. This issue was addressed through improved input validation. CVE-2016-5636 QuickTime Available for: macOS Sierra 10.12.3 Impact: Viewing a maliciously crafted media file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in QuickTime. This issue was addressed through improved memory handling. CVE-2017-2413: Simon Huang(@HuangShaomang) and pjf of IceSword Lab of Qihoo 360 Security Available for: macOS Sierra 10.12.3 Impact: Validating empty signatures with SecKeyRawVerify() may unexpectedly succeed Description: An validation issue existed with cryptographic API calls. This issue was addressed through improved parameter validation. CVE-2017-2423: an anonymous researcher Security Available for: macOS Sierra 10.12.3 Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS Description: Under certain circumstances, Secure Transport failed to validate the authenticity of OTR packets. This issue was addressed by restoring missing validation steps. CVE-2017-2448: Alex Radocea of Longterm Security, Inc. Security Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code with root privileges Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-2451: Alex Radocea of Longterm Security, Inc. Security Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted x509 certificate may lead to arbitrary code execution Description: A memory corruption issue existed in the parsing of certificates. This issue was addressed through improved input validation. CVE-2017-2485: Aleksandar Nikolic of Cisco Talos SecurityFoundation Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A double free issue was addressed through improved memory management. CVE-2017-2425: kimyok of Tencent Security Platform Department sudo Available for: macOS Sierra 10.12.3 Impact: A user in an group named "admin" on a network directory server may be able to unexpectedly escalate privileges using sudo Description: An access issue existed in sudo. This issue was addressed through improved permissions checking. CVE-2017-2381 System Integrity Protection Available for: macOS Sierra 10.12.3 Impact: A malicious application may be able to modify protected disk locations Description: A validation issue existed in the handling of system installation. This issue was addressed through improved handling and validation during the installation process. CVE-2017-6974: Patrick Wardle of Synack tcpdump Available for: macOS Sierra 10.12.3 Impact: An attacker in a privileged network position may be able to execute arbitrary code with user assistance Description: Multiple issues existed in tcpdump before 4.9.0. These were addressed by updating tcpdump to version 4.9.0. CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 tiffutil Available for: macOS Sierra 10.12.3 Impact: Processing a maliciously crafted image may lead to unexpected application termination Description: An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in AKCmds to version 4.0.7. CVE-2016-3619 CVE-2016-9533 CVE-2016-9535 CVE-2016-9536 CVE-2016-9537 CVE-2016-9538 CVE-2016-9539 CVE-2016-9540 WebKit Available for: macOS Sierra 10.12.3 Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed through improved state management. CVE-2017-2486: redrain of light4freedom WebKit Available for: macOS Sierra 10.12.3 Impact: An application may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2017-2392: Max Bazaliy of Lookout WebKit Available for: macOS Sierra 10.12.3 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-2457: lokihardt of Google Project Zero Installation note: macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJY2Yo6AAoJEIOj74w0bLRGPqYQAMBBWvVEfXg753E0gorEMXMG 3OKqGKmkpIgKRSmtNja4Heq/tY2pSBN0CDHKfeGnO6ayUmeH5yZwg8ZWtqaV3bpl Gx7jBvglsrGt4vSPcUvhQV/4YSrRDMDwqBOqBcrIFRQnUMluybw0PiRkMuUQ1m30 Uh10OO94SJbzqtbGkEHXJX/ajOX5ELlkXE7tHD8Z91IJa95fxN4dZ2mTEiGQ4XCu NfkDN/U6S+qj+KRl3ra7fIA5QttTQoqM497Efan8soyq9oLrc5jypDrtuKEiU2/x DUpRxONjOIlmilsYFosMjT+z5PUWdHcfkw6U5sLYcwCgY3hkYwJnJUX6I2VSLjk7 aa85lAGyj/cyqd2n4PEF58bFlGZkfv1BuUp06f8ccEMjG4dxYjCxrVw4uwGvE61n hVgS25GGhJXbvHxkpggdC6n3Pbe7FqhUPwzhFRhBeFKVw+ed5wf6PoxqiJ+wmu+Y vEk+b+s1rsPz5WDXc7vkDegA5S3CsxLGEzTDRxvlcktmku08Rv3EHr+1SSAwB5CE BtOWoT2i6KN4+XgaOdT1dBX2nkeIumM44OS+aJEW27uXSaLD7zm44EjEd1LyQRko hpruHLPZsZQudpkfayUo6YYu5uNZdfJoNktKhU255keYnrLZk9I8UgXjW0IC5Ev1 CN+j/BMQsIWdeO1Cm3Rc =DFqi -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2016-7585 // JVNDB: JVNDB-2017-002432 // BID: 97140 // VULHUB: VHN-96405 // VULMON: CVE-2016-7585 // PACKETSTORM: 141994

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:eqversion:10.12.3

Trust: 1.4

vendor:applemodel:mac os xscope:lteversion:10.12.3

Trust: 1.0

vendor:webkitmodel:open source project webkitscope:eqversion:0

Trust: 0.3

vendor:ubuntumodel:linuxscope:eqversion:16.10

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:16.04

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.3

Trust: 0.3

vendor:applemodel:security update yosemitescope:neversion:2017-0010

Trust: 0.3

vendor:applemodel:security update el capitanscope:neversion:2017-0010

Trust: 0.3

vendor:applemodel:macosscope:neversion:10.12.4

Trust: 0.3

sources: BID: 97140 // JVNDB: JVNDB-2017-002432 // CNNVD: CNNVD-201704-041 // NVD: CVE-2016-7585

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7585
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-7585
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201704-041
value: LOW

Trust: 0.6

VULHUB: VHN-96405
value: LOW

Trust: 0.1

VULMON: CVE-2016-7585
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2016-7585
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-96405
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-7585
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-96405 // VULMON: CVE-2016-7585 // JVNDB: JVNDB-2017-002432 // CNNVD: CNNVD-201704-041 // NVD: CVE-2016-7585

PROBLEMTYPE DATA

problemtype:CWE-310

Trust: 1.9

sources: VULHUB: VHN-96405 // JVNDB: JVNDB-2017-002432 // NVD: CVE-2016-7585

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201704-041

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201704-041

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-002432

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:HT207615url:https://support.apple.com/en-us/HT207615
Trust: 0.8
title:HT207615url:https://support.apple.com/ja-jp/HT207615
Trust: 0.8
title:Apple macOS Sierra EFI Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68934
Trust: 0.6
title:Apple: macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemiteurl:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=27f7b30a8e31da5065e7b124a224b22b
Trust: 0.1
title:Threatposturl:https://threatpost.com/macs-not-receiving-efi-firmware-security-updates-as-expected/128191/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2016-7585 // 
            
            
            
            JVNDB: JVNDB-2017-002432 // 
            
            
            
            CNNVD: CNNVD-201704-041

EXTERNAL IDS
db:NVDid:CVE-2016-7585
Trust: 3.0
db:BIDid:97140
Trust: 2.1
db:SECTRACKid:1038138
Trust: 1.2
db:JVNid:JVNVU90482935
Trust: 0.8
db:JVNDBid:JVNDB-2017-002432
Trust: 0.8
db:CNNVDid:CNNVD-201704-041
Trust: 0.7
db:VULHUBid:VHN-96405
Trust: 0.1
db:VULMONid:CVE-2016-7585
Trust: 0.1
db:PACKETSTORMid:141994
Trust: 0.1
sources:
            
            
            VULHUB: VHN-96405 // 
            
            
            
            VULMON: CVE-2016-7585 // 
            
            
            
            BID: 97140 // 
            
            
            
            JVNDB: JVNDB-2017-002432 // 
            
            
            
            PACKETSTORM: 141994 // 
            
            
            
            CNNVD: CNNVD-201704-041 // 
            
            
            
            NVD: CVE-2016-7585

REFERENCES
url:http://www.securityfocus.com/bid/97140
Trust: 1.9
url:https://support.apple.com/ht207615
Trust: 1.8
url:http://www.securitytracker.com/id/1038138
Trust: 1.2
url:https://nvd.nist.gov/vuln/detail/cve-2016-7585
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7585
Trust: 0.8
url:http://jvn.jp/vu/jvnvu90482935/index.html
Trust: 0.8
url:https://www.apple.com/
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/310.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/macs-not-receiving-efi-firmware-security-updates-as-expected/128191/
Trust: 0.1
url:https://support.apple.com/kb/ht207615
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-5387
Trust: 0.1
url:https://support.apple.com/kb/ht201222
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7933
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-10161
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-5636
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7934
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7928
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-3619
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-10158
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7924
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7931
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-10012
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7056
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-10159
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7927
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-10011
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-2161
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7929
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7922
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-10160
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7925
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7923
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-0736
Trust: 0.1
url:http://gpgtools.org
Trust: 0.1
url:https://www.apple.com/support/downloads/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-10009
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7926
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7930
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-10010
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-7932
Trust: 0.1
sources:
            
            
            VULHUB: VHN-96405 // 
            
            
            
            VULMON: CVE-2016-7585 // 
            
            
            
            BID: 97140 // 
            
            
            
            JVNDB: JVNDB-2017-002432 // 
            
            
            
            PACKETSTORM: 141994 // 
            
            
            
            CNNVD: CNNVD-201704-041 // 
            
            
            
            NVD: CVE-2016-7585

CREDITS
Ulf Frisk, Apple, Brandon Azad, an anonymous researcher, Max Bazaliy, beist, Sergey Bylokhov, Simon Huang, pjf, Alex Fishman, Izik Eidus, Pekka Oikarainen, Matias Karhumaa, Marko Laakso, @cocoahuke, kimyok, Craig Arendt, Axis, sss, Orr A, Benjamin Gnahm, I
Trust: 0.3
sources:
            
            
            BID: 97140

SOURCES
db:VULHUBid:VHN-96405
db:VULMONid:CVE-2016-7585
db:BIDid:97140
db:JVNDBid:JVNDB-2017-002432
db:PACKETSTORMid:141994
db:CNNVDid:CNNVD-201704-041
db:NVDid:CVE-2016-7585

LAST UPDATE DATE
2024-11-23T20:05:26.743000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-96405date:2017-07-12T00:00:00
db:VULMONid:CVE-2016-7585date:2017-07-12T00:00:00
db:BIDid:97140date:2017-06-08T08:02:00
db:JVNDBid:JVNDB-2017-002432date:2017-04-13T00:00:00
db:CNNVDid:CNNVD-201704-041date:2017-04-06T00:00:00
db:NVDid:CVE-2016-7585date:2024-11-21T02:58:15.190

SOURCES RELEASE DATE
db:VULHUBid:VHN-96405date:2017-04-02T00:00:00
db:VULMONid:CVE-2016-7585date:2017-04-02T00:00:00
db:BIDid:97140date:2017-03-27T00:00:00
db:JVNDBid:JVNDB-2017-002432date:2017-04-13T00:00:00
db:PACKETSTORMid:141994date:2017-03-27T17:32:32
db:CNNVDid:CNNVD-201704-041date:2017-04-06T00:00:00
db:NVDid:CVE-2016-7585date:2017-04-02T01:59:00.167