PT-2015-3761 · Apple · Os X
Trammell Hudson
·
Published
2015-01-30
·
Updated
2015-10-09
·
CVE-2014-4498
CVSS v2.0
4.7
Medium
| Vector | AV:L/AC:M/Au:N/C:N/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
Apple OS X versions prior to 10.10.2
Description
The issue allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM.
Recommendations
For Apple OS X versions prior to 10.10.2, update to version 10.10.2 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Os X