Privilege Escalation Vulnerability in Apple iOS, OS X, and Apple TV
CVE-2015-1117 · MEDIUM Severity
AV:L/AC:M/AU:N/C:C/I:C/A:C
The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app.
Learn more about our Cis Benchmark Audit For Apple Ios.