Mac OS X Multiple EFI Vulnerabilities (EFI Security Update 2015-001)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by multiple vulnerabilities.

Description :

The remote Mac OS X host is running EFI firmware that is affected by
multiple vulnerabilities :

- An insufficient locking issue exists, when resuming from
sleep states, which allows a local attacker to write to
the EFI flash memory by using an crafted application
with root privileges. (CVE-2015-3692)

- A flaw exists due to lax restrictions on memory refresh
rates, which allows a specially crafted process to
corrupt the memory of some DDR3 SDRAM devices by
inducing bit flips in page table entries (PTEs), also
known as a 'row-hammer attack'. An attacker can exploit
this to gain elevated privileges by manipulating the
PTEs. (CVE-2015-3693)

See also :

https://support.apple.com/en-us/HT204934

Solution :

Install Mac EFI Security Update 2015-001.

Risk factor :

Low / CVSS Base Score : 1.7
(CVSS2#AV:L/AC:L/Au:S/C:N/I:P/A:N)

Family: MacOS X Local Security Checks

Nessus Plugin ID: 84565 ()

Bugtraq ID: 74971

CVE ID: CVE-2015-3692
CVE-2015-3693

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now