Unrated severity · NVD Advisory · Published Jan 30, 2015 · Updated May 6, 2026

CVE-2014-8817

Description

coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack of verification of xpc_dictionary_get_value API return values during handling of a (1) match_mmap_archives, (2) delete_mmap_archives, (3) write_mmap_archive, or (4) read_mmap_archive command.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CoreSymbolication's coresymbolicationd in OS X before 10.10.2 fails to validate XPC message data types, allowing a crafted app to execute arbitrary code with elevated privileges.

Vulnerability

coresymbolicationd in CoreSymbolication on Apple OS X prior to 10.10.2 does not validate that XPC messages contain the expected data types. The service fails to check return values from xpc_dictionary_get_value API calls when processing match_mmap_archives, delete_mmap_archives, write_mmap_archive, or read_mmap_archive commands. This allows a maliciously crafted application to send XPC messages with unexpected data types, leading to memory corruption.
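
The missing check, shown as an added example that is not Apple's code and not part of the advisory: a portable C model in which `msg_get_value` and the `value` type tag stand in for `xpc_dictionary_get_value` and `xpc_get_type`. The field names `command` and `archive_id` are constructed for illustration; the handler rejects a missing key or a wrong type before it touches the payload.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Portable stand-in for XPC objects: every value carries a type tag. */
typedef enum { T_STRING, T_UINT64, T_DATA } vtype;
typedef struct {
    vtype type;
    union {
        const char *str;
        uint64_t u64;
        struct { const void *p; size_t n; } data;
    } v;
} value;
typedef struct { const char *key; const value *val; } entry;
typedef struct { const entry *items; size_t count; } message;

/* Dictionary lookup (hypothetical helper): NULL when the key is absent. */
static const value *msg_get_value(const message *m, const char *key) {
    for (size_t i = 0; i < m->count; i++)
        if (strcmp(m->items[i].key, key) == 0) return m->items[i].val;
    return NULL;
}

/* Typed accessor: fails unless the key exists AND has the expected type. */
static const value *msg_get_typed(const message *m, const char *key, vtype want) {
    const value *v = msg_get_value(m, key);
    return (v != NULL && v->type == want) ? v : NULL;
}

enum { REQ_OK = 0, REQ_BAD_COMMAND = -1, REQ_BAD_FIELD = -2 };

/* Hypothetical handler for a read_mmap_archive-style request.
 * The keys "command" and "archive_id" are constructed for this example. */
int handle_request(const message *m, uint64_t *archive_id_out) {
    const value *cmd = msg_get_typed(m, "command", T_STRING);
    if (cmd == NULL || cmd->v.str == NULL ||
        strcmp(cmd->v.str, "read_mmap_archive") != 0)
        return REQ_BAD_COMMAND;
    /* A handler that skipped this check would read id->v.u64 whatever the
     * tag says, treating caller-supplied bytes as the wrong type. */
    const value *id = msg_get_typed(m, "archive_id", T_UINT64);
    if (id == NULL)
        return REQ_BAD_FIELD;
    *archive_id_out = id->v.u64;
    return REQ_OK;
}
```
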

Exploitation

An attacker must run a crafted application on the target system. The application sends XPC messages to coresymbolicationd that do not conform to the expected data types. Because the service does not verify the return values of xpc_dictionary_get_value, it may operate on invalid data, resulting in memory corruption that can be leveraged for arbitrary code execution.

Impact

Successful exploitation enables arbitrary code execution in a privileged context (likely root). The attacker gains full system control, allowing installation of malware, modification of system files, and access to sensitive data. The compromise is complete, affecting confidentiality, integrity, and availability.

Mitigation

Apple addressed this vulnerability in OS X Yosemite v10.10.2 and Security Update 2015-001 [1]. Users should update to OS X v10.10.2 or later. No workarounds are documented. This CVE is not listed on the CISA Known Exploited Vulnerabilities catalog.

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
