CVE-2016-1851

Name of the Vulnerable Software and Affected Versions Apple OS X versions prior to 10.11.5

Description The issue exists due to the improper handling of password profiles by the Screen Lock feature. This allows a physically proximate attacker to reset expired passwords when the system is in the lock-screen state.

Recommendations For Apple OS X versions prior to 10.11.5, update to version 10.11.5 or later to resolve the issue. As a temporary workaround, consider restricting physical access to systems running affected versions to minimize the risk of exploitation.