CVE-2014-1381 — Apple MAC OS X vulnerability

CWE-2642 documents2 sources

Severity

10.0CRITICALNVD

EPSS

1.2%

top 20.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedJul 1

Latest updateMay 17

Description

Thunderbolt in Apple OS X before 10.9.4 does not properly restrict IOThunderBoltController API calls, which allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted call.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/mac_os_x4 versions+3

🔴Vulnerability Details

GHSA

GHSA-f8j3-vx9j-4mf2: Thunderbolt in Apple OS X before 10↗2022-05-17

▶