FireWire DMA Vulnerability in Apple Mac OS X

FireWire DMA Vulnerability in Apple Mac OS X

CVE-2011-3215 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state.

Learn more about our Physical Security Assessment.