CVE-2015-5914

The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists because of an incomplete fix for CVE-2014-4498.

CVSS v2.0 4.7 MEDIUM

4.7^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:N/I:C/A:N

Exploitability : 3.4 / Impact : 6.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact COMPLETE

Availability Impact NONE

References

Link	Resource
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html	Vendor Advisory
http://www.securitytracker.com/id/1033703
https://support.apple.com/HT205267	Vendor Advisory
https://trmm.net/Thunderstrike_FAQ

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-10-09 05:59

Updated : 2024-02-04 18:53

NVD link : CVE-2015-5914

Mitre link : CVE-2015-5914

CVE.ORG link : CVE-2015-5914

JSON object : View

Products Affected

apple

mac_os_x

CWE

CWE-17

DEPRECATED: Code

{"id": "CVE-2015-5914", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.7, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:C/A:N", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-10-09T05:59:32.827", "references": [{"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://www.securitytracker.com/id/1033703", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/HT205267", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://trmm.net/Thunderstrike_FAQ", "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-17"}]}], "descriptions": [{"lang": "en", "value": "The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a \"Thunderstrike\" issue. NOTE: this issue exists because of an incomplete fix for CVE-2014-4498."}, {"lang": "es", "value": "El componente EFI en Apple OS X en versiones anteriores a 10.11 permite a atacantes f\u00edsicamente pr\u00f3ximos modificar el firmware durante el proceso de actualizaci\u00f3n de EFI insertando un adaptador Apple Ethernet Thunderbolt con c\u00f3digo manipulado en una Option ROM, tambi\u00e9n conocido como un problema 'Thunderstrike'. NOTA: este problema existe debido a una soluci\u00f3n incompleta de la vulnerabilidad CVE-2014-4498."}], "lastModified": "2016-12-08T03:11:28.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C5FF5EF-B5D2-4BFE-8C0E-DF1F99F3989D", "versionEndIncluding": "10.10.5"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}