Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1235Apple MAC OS X vulnerability

CWE-2644 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.2%
top 57.41%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedApr 2
Latest updateMay 2

Description

XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDapple/mac_os_x10.5.6+54
NVDapple/mac_os_x_server10.5.6+54

🔴Vulnerability Details

2
GHSA
GHSA-79gj-w7hg-rmmw: XNU 12282022-05-02
CVEList
CVE-2009-1235: XNU 12282009-04-02

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX xnu 1228.x - 'hfs-fcntl' Kernel Privilege Escalation2009-03-23
CVE-2009-1235 — Apple MAC OS X vulnerability | cvebase