|CVSS SCORE||6.9, (AV:L/AC:M/Au:N/C:C/I:C/A:C)|
The specific flaw exists within the IOHIDFamily kernel extension. The issue lies in the failure to validate a supplied length value causing a heap buffer overflow. An attacker can leverage this vulnerability to escalate privileges and execute code under the context of the kernel.
Apple has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Peter Pi of Trend Micro