Insecure Encryption Implementation in CoreStorage during FileVault Activation in Mac OS X 10.7

Insecure Encryption Implementation in CoreStorage during FileVault Activation in Mac OS X 10.7

CVE-2011-3212 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device.

Learn more about our Physical Security Assessment.