CVE-2011-3215

Name of the Vulnerable Software and Affected Versions Mac OS X versions prior to 10.7.2

Description The issue allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in certain states, including the loginwindow, boot, or shutdown state. This is due to the kernel not properly preventing FireWire DMA in the absence of a login.

Recommendations For Mac OS X versions prior to 10.7.2, update to version 10.7.2 or later to resolve the issue. As a temporary workaround, consider restricting physical access to the system to minimize the risk of exploitation.