FileVault 2 Encryption Password Disclosure via Crafted Thunderbolt Adapter

FileVault 2 Encryption Password Disclosure via Crafted Thunderbolt Adapter

CVE-2016-7585 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter.

Learn more about our Cis Benchmark Audit For Apple Macos.