CVE-2012-0656 — Race Condition in Apple MAC OS X

CWE-362 — Race Condition2 documents2 sources

Severity

6.9MEDIUMNVD

EPSS

0.1%

top 69.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedMay 11

Latest updateMay 17

Description

Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10.7.4, when the Guest account is enabled, allows physically proximate attackers to login to arbitrary accounts by entering the account name and no password.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/mac_os_x4 versions+3

🔴Vulnerability Details

GHSA

GHSA-g5pf-w8r8-3m5m: Race condition in LoginUIFramework in Apple Mac OS X 10↗2022-05-17

▶