Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-3693Out-of-bounds Write in Apple MAC OS X

CWE-2545 documents4 sources
Severity
9.3CRITICALNVD
EPSS
31.1%
top 3.23%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Apple MAC OS XApple MAC EFI Security Update 2015-001Apple OS X Yosemite V10.10.4 AND Security Update 2015-005
Timeline
PublishedJul 3
Latest updateMay 17

Description

Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

NVDapple/mac_os_x10.10.3

Patches

Patch: lists.apple.comPatch: lists.apple.com

🔴Vulnerability Details

1
GHSA
GHSA-53qj-236r-q3j5: Apple Mac EFI before 2015-001, as used in OS X before 102022-05-17

💥Exploits & PoCs

1
Exploit-DB
Rowhammer - NaCl Sandbox Escape2015-03-09

📋Vendor Advisories

2
Apple
CVE-2015-3693: Mac EFI Security Update 2015-001
Apple
CVE-2015-3693: OS X Yosemite v10.10.4 and Security Update 2015-005