CVE-2016-1825
published 2016-05-20CVE-2016-1825: IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)…
PriorityP345high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
5.64%
92.0th percentile
IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | <= 10.11.4 | — |
| apple | os_x_el_capitan_v10.11.5_and_security_update_2016-003 | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Apple
CVE-2016-1825: OS X El Capitan v10.11.5 and Security Update 2016-003
vendor_apple·CVSS 7.8
CVE-2016-1825 [HIGH] CVE-2016-1825: OS X El Capitan v10.11.5 and Security Update 2016-003
Apple Security Update: About the security content of OS X El Capitan v10.11.5 and Security Update 2016-003
Product: OS X El Capitan v10.11.5 and Security Update 2016-003
CVE: CVE-2016-1825
Component: CVE-ID
GHSA
GHSA-8qx9-2rg2-79q2: IOHIDFamily in Apple OS X before 10
ghsa_unreviewed·2022-05-17
CVE-2016-1825 [HIGH] CWE-119 GHSA-8qx9-2rg2-79q2: IOHIDFamily in Apple OS X before 10
IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
No detection rules found.
Sentinelone
Privilege Escalation | macOS Malware & The Path to Root Part 1 - SentinelLabs
blogs_sentinelone·2019-11-06
Privilege Escalation | macOS Malware & The Path to Root Part 1 - SentinelLabs
In this two-part series, we take a look at privilege escalation on macOS. In Part 1, we look at some of the vulnerabilities that have been discovered by security researchers in recent versions of Apple’s Desktop OS, focusing on those that have been turned into reliable exploits. We draw conclusions for enterprise and end users alike based on this review. In Part 2, we switch from researchers to attackers and explore both how and why the methodology of macOS threat actors takes quite a different path from that of the research community.
## What is Privilege Escalation?
Let’s start by defining our terms. Whenever code executes, it does so within the context of a user who invokes it. Technically, users need not always actually be people, but for our purposes here we’ll stick to the simple c
Sentinelone
Privilege Escalation | macOS Malware & The Path to Root Part 1
blogs_sentinelone·2019-11-06
Privilege Escalation | macOS Malware & The Path to Root Part 1
## Privilege Escalation | macOS Malware & The Path to Root Part 1
In this two-part series, we take a look at privilege escalation on macOS. In Part 1, we look at some of the vulnerabilities that have been discovered by security researchers in recent versions of Apple’s Desktop OS, focusing on those that have been turned into reliable exploits. We draw conclusions for enterprise and end users alike based on this review. In Part 2 , we switch from researchers to attackers and explore both how and why the methodology of macOS threat actors takes quite a different path from that of the research community.
## What is Privilege Escalation?
Let’s start by defining our terms. Whenever code executes, it does so within the context of a user who invokes it. Technically, users need not always actua
http://lists.apple.com/archives/security-announce/2016/May/msg00004.htmlhttp://www.securityfocus.com/bid/90696http://www.securitytracker.com/id/1035895https://support.apple.com/HT206567http://lists.apple.com/archives/security-announce/2016/May/msg00004.htmlhttp://www.securityfocus.com/bid/90696http://www.securitytracker.com/id/1035895https://support.apple.com/HT206567
2016-05-20
Published