Encryption Status Display Vulnerability in Apple OS X

Encryption Status Display Vulnerability in Apple OS X

CVE-2014-4432 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:N/A:N

fdesetup in Apple OS X before 10.10 does not properly display the encryption status in between a setting-update action and a reboot action, which might make it easier for physically proximate attackers to obtain cleartext data by leveraging ignorance of the reboot requirement.

Learn more about our Physical Security Assessment.