Unenforced Require Password after Sleep or Screen Saver Setting in Apple OS X

Unenforced Require Password after Sleep or Screen Saver Setting in Apple OS X

CVE-2014-4425 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

CFPreferences in Apple OS X before 10.10 does not properly enforce the "require password after sleep or screen saver begins" setting, which makes it easier for physically proximate attackers to obtain access by leveraging an unattended workstation.

Learn more about our Physical Security Assessment.