Mac OS X EFI Function Execution Vulnerability (EFI Security Update 2015-002)

high Nessus Plugin ID 86722


The remote host is affected by a function execution vulnerability.


The remote Mac OS X host is running an EFI firmware version that is affected by a function execution vulnerability due to an issue with handling EFI arguments. An unauthenticated, remote attacker can exploit this to execute arbitrary functions via unspecified vectors.


Install Mac EFI Security Update 2015-002.

See Also

Plugin Details

Severity: High

ID: 86722

File Name: macosx_SecUpdEFI2015-002.nasl

Version: 1.10

Type: local

Agent: macosx

Published: 11/4/2015

Updated: 11/27/2023

Supported Sensors: Nessus Agent, Nessus

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, Host/MacOSX/packages/boms

Exploit Ease: No known exploits are available

Patch Publication Date: 10/21/2015

Vulnerability Publication Date: 10/21/2015

Reference Information

CVE: CVE-2015-7035

BID: 74971

APPLE-SA: APPLE-SA-2015-10-21-6