Sign-up

ID

VAR-201601-0070


CVE

CVE-2015-7024


TITLE

Apple OS X In Gatekeeper Vulnerabilities that circumvent the restrictions

Trust: 0.8

sources: JVNDB: JVNDB-2015-006722

DESCRIPTION

Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an unexpected directory by an application that has a valid Apple digital signature. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. Apple Mac OS X is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and to execute arbitrary code in the context of the user running the affected application. The vulnerability stems from the fact that applications using legal Apple digital signatures can load Trojan programs from specific locations. A local attacker can exploit this vulnerability to bypass established Gatekeeper restrictions and gain permissions

Trust: 1.98

sources: NVD: CVE-2015-7024 // JVNDB: JVNDB-2015-006722 // BID: 80986 // VULHUB: VHN-84985

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.11.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.10.5

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.11

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.9.5

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.11.0

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.11

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.9.5

Trust: 0.3

vendor:applemodel:mac os security updatescope:neversion:x2015

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.11.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.5

Trust: 0.3

sources: BID: 80986 // JVNDB: JVNDB-2015-006722 // CNNVD: CNNVD-201601-175 // NVD: CVE-2015-7024

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-7024
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-7024
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201601-175
value: MEDIUM

Trust: 0.6

VULHUB: VHN-84985
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-7024
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-84985
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-7024
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-84985 // JVNDB: JVNDB-2015-006722 // CNNVD: CNNVD-201601-175 // NVD: CVE-2015-7024

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2015-006722 // NVD: CVE-2015-7024

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201601-175

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201601-175

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-006722

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007url:http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
Trust: 0.8
title:HT205375url:http://support.apple.com/en-us/HT205375
Trust: 0.8
title:HT205375url:http://support.apple.com/ja-jp/HT205375
Trust: 0.8
title:Apple OS X Fixes for untrusted search path vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59529
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2015-006722 // 
            
            
            
            CNNVD: CNNVD-201601-175

EXTERNAL IDS
db:NVDid:CVE-2015-7024
Trust: 2.8
db:JVNid:JVNVU92655282
Trust: 0.8
db:JVNDBid:JVNDB-2015-006722
Trust: 0.8
db:CNNVDid:CNNVD-201601-175
Trust: 0.7
db:BIDid:80986
Trust: 0.4
db:VULHUBid:VHN-84985
Trust: 0.1
sources:
            
            
            VULHUB: VHN-84985 // 
            
            
            
            BID: 80986 // 
            
            
            
            JVNDB: JVNDB-2015-006722 // 
            
            
            
            CNNVD: CNNVD-201601-175 // 
            
            
            
            NVD: CVE-2015-7024

REFERENCES
url:http://lists.apple.com/archives/security-announce/2015/oct/msg00005.html
Trust: 1.7
url:https://support.apple.com/ht205375
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7024
Trust: 0.8
url:http://jvn.jp/vu/jvnvu92655282/
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7024
Trust: 0.8
url:https://www.apple.com/
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-84985 // 
            
            
            
            BID: 80986 // 
            
            
            
            JVNDB: JVNDB-2015-006722 // 
            
            
            
            CNNVD: CNNVD-201601-175 // 
            
            
            
            NVD: CVE-2015-7024

CREDITS
Patrick Wardle of Synack
Trust: 0.3
sources:
            
            
            BID: 80986

SOURCES
db:VULHUBid:VHN-84985
db:BIDid:80986
db:JVNDBid:JVNDB-2015-006722
db:CNNVDid:CNNVD-201601-175
db:NVDid:CVE-2015-7024

LAST UPDATE DATE
2025-04-13T20:00:55.674000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-84985date:2016-01-12T00:00:00
db:BIDid:80986date:2016-01-11T00:00:00
db:JVNDBid:JVNDB-2015-006722date:2016-01-13T00:00:00
db:CNNVDid:CNNVD-201601-175date:2016-01-12T00:00:00
db:NVDid:CVE-2015-7024date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-84985date:2016-01-11T00:00:00
db:BIDid:80986date:2016-01-11T00:00:00
db:JVNDBid:JVNDB-2015-006722date:2016-01-13T00:00:00
db:CNNVDid:CNNVD-201601-175date:2016-01-12T00:00:00
db:NVDid:CVE-2015-7024date:2016-01-11T11:59:01.480