CVE-2016-7608

low-risk

Published 2017-02-20

An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "IOFireWireFamily" component, which allows local users to obtain sensitive information from kernel memory via unspecified vectors.

Do I need to act?

0.79% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

44235

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Mac Os X

Affected Vendors

Apple

References (6)

Third Party Advisory http://www.securityfocus.com/bid/94903

http://www.securitytracker.com/id/1037469

Vendor Advisory https://support.apple.com/HT207423

Third Party Advisory http://www.securityfocus.com/bid/94903

http://www.securitytracker.com/id/1037469

Vendor Advisory https://support.apple.com/HT207423

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 3/34 · Minimal

Exposure 5/34 · Minimal