Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-5889Apple MAC OS X vulnerability

CWE-2646 documents5 sources
Severity
7.2HIGHNVD
EPSS
11.6%
top 6.34%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Apple MAC OS XApple OS X EL Capitan V10.11
Timeline
PublishedOct 9
Latest updateMay 17

Description

rsh in the remote_cmds component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving environment variables.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDapple/mac_os_x10.10.5

🔴Vulnerability Details

1
GHSA
GHSA-7m5g-q9fx-rh4c: rsh in the remote_cmds component in Apple OS X before 102022-05-17

💥Exploits & PoCs

3
Exploit-DB
Apple Mac OSX 10.9.5/10.10.5 - 'rsh/libmalloc' Local Privilege Escalation (Metasploit)2015-10-27
Exploit-DB
Apple Mac OSX 10.9.5/10.10.5 - 'rsh/libmalloc' Local Privilege Escalation2015-10-01
Metasploit
Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation

📋Vendor Advisories

1
Apple
CVE-2015-5889: OS X El Capitan v10.11