Yu Fan

**Name of the Vulnerable Software and Affected Versions** Heimdal versions prior to 10.11 **Description** The issue is related to inadequate access control in the Heimdal component of the Mac OS X operating system. It allows a remote attacker to conduct replay attacks against the SMB server by exploiting packet data that represents a Kerberos authenticated request. This could potentially enable the attacker to perform network attacks on the SMB server. **Recommendations** For versions prior to 10.11, update to version 10.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the SMB server to minimize the risk of exploitation.