An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter.
References
Link | Resource |
---|---|
https://support.apple.com/HT207615 | Vendor Advisory |
http://www.securityfocus.com/bid/97140 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1038138 |
Configurations
Information
Published : 2017-04-01 18:59
Updated : 2017-07-11 18:29
NVD link : CVE-2016-7585
Mitre link : CVE-2016-7585
JSON object : View
CWE
CWE-310
Cryptographic Issues
Products Affected
apple
- mac_os_x