CVE-2014-1380 — Apple MAC OS X vulnerability

CWE-2642 documents2 sources

Severity

2.6LOWNVD

EPSS

0.1%

top 79.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedJul 1

Latest updateMay 17

Description

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input.

CVSS vector

AV:L/AC:H/C:P/I:P/A:NExploitability: 1.9 | Impact: 4.9

Affected Packages1 packages

▶NVDapple/mac_os_x4 versions+3

🔴Vulnerability Details

GHSA

GHSA-hgv2-76q7-7cv5: The Security - Keychain component in Apple OS X before 10↗2022-05-17

▶