Mac OS X EFI Function Execution Vulnerability (EFI Security Update 2015-002)

High Nessus Plugin ID 86722


The remote host is affected by a function execution vulnerability.


The remote Mac OS X host is running an EFI firmware version that is affected by a function execution vulnerability due to an issue with handling EFI arguments. An unauthenticated, remote attacker can exploit this to execute arbitrary functions via unspecified vectors.


Install Mac EFI Security Update 2015-002.

See Also

Plugin Details

Severity: High

ID: 86722

File Name: macosx_SecUpdEFI2015-002.nasl

Version: 1.3

Type: local

Agent: macosx

Published: 2015/11/04

Modified: 2017/05/30

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, Host/MacOSX/packages/boms

Patch Publication Date: 2015/10/21

Vulnerability Publication Date: 2015/10/21

Reference Information

CVE: CVE-2015-7035

BID: 74971

OSVDB: 129224

APPLE-SA: APPLE-SA-2015-10-21-6