Vulnerability Details : CVE-2015-1130
Public exploit exists!
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
Products affected by CVE-2015-1130
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
CVE-2015-1130 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Apple OS X Authentication Bypass Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2015-1130
Added on
2022-02-10
Action due date
2022-08-10
Exploit prediction scoring system (EPSS) score for CVE-2015-1130
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 14 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2015-1130
-
Apple OS X Rootpipe Privilege Escalation
Disclosure Date: 2015-04-09First seen: 2020-04-26exploit/osx/local/rootpipeThis module exploits a hidden backdoor API in Apple's Admin framework on Mac OS X to escalate privileges to root, dubbed "Rootpipe." This module was tested on Yosemite 10.10.2 and should work on previous versions. The patch for this issue was not backported to olde
CVSS scores for CVE-2015-1130
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2015-1130
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-1130
-
http://www.osvdb.org/120418
404 Not FoundBroken Link
-
http://www.securitytracker.com/id/1032048
Apple OS X Multiple Bugs Let Remote and Local Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, and Deny Service - SecurityTrackerBroken Link
-
http://www.securityfocus.com/bid/73982
Apple Mac OS X Prior to 10.10.3 Multiple Security VulnerabilitiesExploit
-
https://support.apple.com/HT204659
About the security content of OS X Yosemite v10.10.3 and Security Update 2015-004 - Apple SupportVendor Advisory
-
https://www.exploit-db.com/exploits/36692/
Apple Mac OSX < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Local Privilege EscalationExploit
-
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
Apple - Lists.apple.comVendor Advisory
Jump to