|CVSS SCORE||6.9, (AV:L/AC:M/Au:N/C:C/I:C/A:C)|
The specific flaw exists within the AppleHSSPIHIDDriver kext. The issue lies in the failure to properly validate the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to escalate privileges under the context of the kernel.
Apple has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Qidan He(@flanker_hqd) from KeenLab