Privilege Escalation Vulnerability in Apple iOS, OS X, and Apple TV

Privilege Escalation Vulnerability in Apple iOS, OS X, and Apple TV

CVE-2015-1117 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app.

Learn more about our Cis Benchmark Audit For Apple Ios.