Lucene search
HistoryJan 30, 2015 - 11:59 a.m.
CVE-2014-4498
CVSS2
4.7
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:C/A:N
AI Score
6.1
Confidence
Low
EPSS
0.001
Percentile
44.5%
The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the “Thunderstrike” issue.
Affected configurations
Node
applemac_os_xRange≤10.10.1
Related
cvelist
cvelist
CVE-2014-4498
2015-01-30 11:00:00
CVE-2015-5914
2015-10-09 01:00:00
prion
prion
Code injection
2015-01-30 11:59:00
Code injection
2015-10-09 05:59:00
cve
cve
CVE-2014-4498
2015-01-30 11:59:27
CVE-2015-5914
2015-10-09 05:59:32
nvd
nvd
CVE-2015-5914
2015-10-09 05:59:32
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities -01 (Mar 2015)
2015-03-05 00:00:00
nessus
nessus
Mac OS X < 10.10.2 Multiple Vulnerabilities
2015-03-04 00:00:00
Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)
2015-01-29 00:00:00
securityvulns
securityvulns
APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001
2015-02-02 00:00:00
Apple Mac OS X multiple security vulnerabilities
2015-02-02 00:00:00
CVSS2
4.7
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:C/A:N
AI Score
6.1
Confidence
Low
EPSS
0.001
Percentile
44.5%
Related for NVD:CVE-2014-4498