CVE-2013-5180 — Apple MAC OS X vulnerability

CWE-3102 documents2 sources

Severity

4.3MEDIUMNVD

EPSS

0.3%

top 50.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedOct 24

Latest updateMay 17

Description

The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of these values, related to a compiler-optimization issue.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/mac_os_x10.8.5+6

🔴Vulnerability Details

GHSA

GHSA-rjvx-5jx3-85fg: The srandomdev function in Libc in Apple Mac OS X before 10↗2022-05-17

▶