VYPR
Unrated severity · NVD Advisory · Published Oct 5, 2014 · Updated May 6, 2026

CVE-2014-7861

Description

The IOHIDSecurePromptClient function in Apple OS X does not properly validate pointer values, which allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted web site.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A pointer validation flaw in Apple OS X IOHIDSecurePromptClient allows arbitrary code execution or denial of service via a crafted website.

Vulnerability

The vulnerability resides in the IOHIDSecurePromptClient function of Apple OS X. The issue is a failure to properly validate user-supplied pointer values before they are dereferenced. This allows remote attackers to exploit the flaw through a crafted web page, with user interaction required (the target must visit the malicious page or open a malicious file). The flaw affects Apple OS X versions at the time of disclosure (October 2014). [1]

Exploitation

An attacker can exploit this vulnerability by hosting a malicious website that triggers the vulnerable code path. The attacker does not require any authentication or local access; only user interaction is needed (the victim visiting the crafted site). The specific flaw is in the handling of calls to IOHIDSecurePromptClient, where pointer values are not properly sanitized before being dereferenced. [1]

Impact

Successful exploitation allows the attacker to execute arbitrary code on the vulnerable system or cause a denial of service (system crash). The CVSS score is 4.7 (AV:L/AC:M/Au:N/C:N/I:N/A:C), indicating medium severity with a complete availability impact but no confidentiality or integrity impact; note that the vector's AV:L component records a local access vector, even though the description frames the trigger as a remotely served web page. [1]

Mitigation

At the time of disclosure (October 2014), no fix was publicly available. The vulnerability was reported as a 0-day, and Apple had not released a patch. Users were advised to avoid visiting untrusted websites and to ensure they are running the latest version of OS X once a security update is released. The vulnerability is not known to be in the CISA KEV catalog. [1]

References
  1. ZDI-14-346

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 2
Patches: 0 (no patches discovered yet)
References: 2
News mentions: 0 (no linked articles in the index yet)