CVE-2015-3697

Vulnerability

A buffer overflow vulnerability exists in the Intel Graphics Driver component of Apple OS X. The flaw is present in systems running OS X versions prior to 10.10.4. The issue can be triggered through unspecified vectors, as described in the official advisory [1]. This CVE is part of a series of related vulnerabilities in the same driver (including CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702).

Exploitation

Exploitation requires local access to the system. An attacker must already have a user account on the affected macOS version. The exact attack vector is not publicly detailed by Apple, but the buffer overflow condition can be triggered through unspecified means that leverage the vulnerable code path in the Intel Graphics Driver. No user interaction beyond local access is required.

Impact

A successful attack allows a local user to escalate privileges. The attacker gains elevated privileges, potentially obtaining full administrative (root) access to the system, thereby compromising the confidentiality, integrity, and availability of the affected system.

Mitigation

Apple addressed this vulnerability in OS X Yosemite v10.10.4, released on June 30, 2015, as part of Security Update 2015-005 [1]. Users should update to OS X 10.10.4 or later. There is no known workaround for systems that cannot be updated. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of the last available update.