Vulnerability: Profile Uninstall Actions Bypass in macOS 10.12.4 and earlier
CVE-2017-2402 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of profile uninstall actions in the "MCX Client" component when a profile has multiple payloads. It allows remote attackers to bypass intended access restrictions by leveraging Active Directory certificate trust that should not have remained.
Learn more about our Cis Benchmark Audit For Apple Macos.