FireWire DMA Vulnerability in Apple Mac OS X
CVE-2011-3215 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state.
Learn more about our Physical Security Assessment.