VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 19, 2014· Updated May 6, 2026

CVE-2014-4400

CVE-2014-4400

Description

An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4401, and CVE-2014-4416.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An Intel Graphics Driver routine in OS X before 10.9.5 fails to validate calls, allowing arbitrary code execution in a privileged context via a crafted application.

Vulnerability

An unspecified integrated graphics driver routine within the Intel Graphics Driver subsystem in Apple OS X Mavericks prior to version 10.9.5 does not properly validate calls. This vulnerability affects OS X Mavericks v10.9 through v10.9.4 [1]. The exact routine and the nature of the missing validation are not publicly detailed.

Exploitation

An attacker must have the ability to execute a crafted application on the target system. No additional authentication or network access is required beyond local execution. The crafted application triggers the vulnerable driver routine, leading to the exploitation [1].

Impact

Successful exploitation allows the attacker to execute arbitrary code in a privileged context, effectively gaining full system-level control. This can lead to complete compromise of confidentiality, integrity, and availability of the affected system [1].

Mitigation

Apple addressed this vulnerability in OS X Mavericks v10.9.5, released on September 17, 2014. Users should update to this version via Software Update or by downloading from the Apple Support website [1]. No workarounds are documented, and the vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.

References
  1. About the security content of OS X Mavericks v10.9.5 and Security Update 2014-004 - Apple Support

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

7
  • Apple Inc./Mac Os X6 versions
    cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.9.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.9.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:mac_os_x:10.9.4:*:*:*:*:*:*:*
  • Apple Inc./OS Xllm-fuzzy
    Range: <10.9.5

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.