Guest Account Login Bypass Vulnerability in Apple Mac OS X 10.7.x

Guest Account Login Bypass Vulnerability in Apple Mac OS X 10.7.x

CVE-2012-0656 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10.7.4, when the Guest account is enabled, allows physically proximate attackers to login to arbitrary accounts by entering the account name and no password.

Learn more about our Physical Security Assessment.