Main
Vulnerability Database
Exploits
ID:1213 - Exploit for Privilege escalation in macOS - CVE-2017-6978
ID:1213 - Exploit for Privilege escalation in macOS - CVE-2017-6978
Published: March 18, 2020
Vulnerability identifier: #VU6710
Vulnerability risk: Low
CVE-ID: CVE-2017-6978
CWE-ID: CWE-119
Exploitation vector: Local access
Vulnerable software:
macOS
macOS
Link to public exploit:
Vulnerability description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to lack of bounds checking in HIServices custom CFObject serialization. A local attacker can run a specially crafted application, trigger memory corruption in the Accessibility Framework and gain system privileges.
Successful exploitation of the vulnerability results in privilege escalation.
The weakness exists due to lack of bounds checking in HIServices custom CFObject serialization. A local attacker can run a specially crafted application, trigger memory corruption in the Accessibility Framework and gain system privileges.
Successful exploitation of the vulnerability results in privilege escalation.
Remediation
Update to version 10.12.5.