Vulnerability identifier: #VU37324

Vulnerability risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-7070

CWE-ID: CWE-20

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
macOS
Operating systems & Components / Operating system

Vendor: Apple Inc.

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows physically proximate attackers to bypass the screen-locking protection mechanism that should have been in place upon closing the lid.

Mitigation
Install update from vendor's website.

Vulnerable software versions

macOS: 10.0 - 10.0.4, 10.1 - 10.1.5, 10.2 - 10.2.8, 10.3 - 10.3.8 7U16, 10.4 - 10.4.11, 10.5 - 10.5.8, 10.6.0 - 10.6.8, 10.9 - 10.9.5, 10.10 - 10.10.5, 10.11 - 10.11.6

---

External links
http://support.apple.com/HT207615

---

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.