CVE-2015-1130

Name of the Vulnerable Software and Affected Versions Apple OS X versions prior to 10.10.3

Description The issue is related to the XPC implementation in the Admin Framework of Apple OS X, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors. This is due to errors in security settings. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations For Apple OS X versions prior to 10.10.3, update to version 10.10.3 or later to resolve the issue. As a temporary workaround, consider restricting access to admin privileges until the update is applied.