| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.5 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as problematic, has been found in Apple Mac OS X 10.9.2. Affected by this vulnerability is an unknown functionality of the component IOKit Kernel. Performing a manipulation results in information disclosure. This vulnerability is known as CVE-2014-1320. Remote exploitation of the attack is possible. No exploit is available. To fix this issue, it is recommended to deploy a patch.
Details
A vulnerability, which was classified as critical, was found in Apple Mac OS X 10.9.2 (Operating System). This affects an unknown functionality of the component IOKit Kernel. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is classifying the issue as CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.
The weakness was published 04/22/2014 by Ian Beer with Google Project Zero as HT6207 as confirmed advisory (Website) via Zero Day Initiative (ZDI). It is possible to read the advisory at support.apple.com. The public release has been coordinated with Apple. This vulnerability is uniquely identified as CVE-2014-1320 since 01/08/2014. The exploitability is told to be difficult. Attacking locally is a requirement. No form of authentication is needed for exploitation. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1592 according to MITRE ATT&CK. The advisory points out:
A local user can read kernel pointers, which can be used to bypass kernel address space layout randomization
The vulnerability scanner Nessus provides a plugin with the ID 73648 (Mac OS X Multiple Vulnerabilities (Security Update 2014-002)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family MacOS X Local Security Checks and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 122028 (Apple Mac OS X Security Update 2014-002 Not Installed (HT6207)).
Applying the patch Security Update 2014-002 is able to eliminate this problem. The bugfix is ready for download at support.apple.com. A possible mitigation has been published immediately after the disclosure of the vulnerability. The advisory contains the following remark:
This issue was addressed through removing the pointers from the object.
The vulnerability is also documented in the databases at X-Force (92700), Tenable (73648), SecurityFocus (BID 67027†), Secunia (SA58140†) and SecurityTracker (ID 1030133†). Similar entries are available at VDB-10903, VDB-12773, VDB-12772 and VDB-12771. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Type
Vendor
Name
Version
License
Support
Website
- Vendor: https://www.apple.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 9.8VulDB Meta Temp Score: 8.5
VulDB Base Score: 9.8
VulDB Temp Score: 8.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Information disclosureCWE: CWE-200 / CWE-284 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Yes
Availability: 🔍
Status: Unproven
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 73648
Nessus Name: Mac OS X Multiple Vulnerabilities (Security Update 2014-002)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 801105
OpenVAS Name: Apple Mac OS X Multiple Vulnerabilities-02 November-2016
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: Security Update 2014-002
Timeline
01/08/2014 🔍04/22/2014 🔍
04/22/2014 🔍
04/22/2014 🔍
04/22/2014 🔍
04/23/2014 🔍
04/23/2014 🔍
04/23/2014 🔍
04/23/2014 🔍
04/01/2019 🔍
Sources
Vendor: apple.comAdvisory: HT6207
Researcher: Ian Beer
Organization: Google Project Zero
Status: Confirmed
Coordinated: 🔍
CVE: CVE-2014-1320 (🔍)
GCVE (CVE): GCVE-0-2014-1320
GCVE (VulDB): GCVE-100-13035
IAVM: 🔍
X-Force: 92700 - Apple Mac OS X IOKit Kernel security bypass, Low Risk
SecurityFocus: 67027 - Multiple Apple Products CVE-2014-1320 Local Security Bypass Vulnerability
Secunia: 58140 - Apple iOS Multiple Vulnerabilities, Highly Critical
SecurityTracker: 1030133
scip Labs: https://www.scip.ch/en/?labs.20150108
See also: 🔍
Entry
Created: 04/23/2014 12:25Updated: 04/01/2019 17:37
Changes: 04/23/2014 12:25 (81), 04/01/2019 17:37 (12)
Complete: 🔍
Cache ID: 216:997:103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.