VYPR
High severity 7.8 · NVD Advisory · Published Jan 11, 2016 · Updated May 6, 2026

CVE-2015-6980

Description

Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Directory Utility in OS X before 10.11.1 mishandles authentication for new sessions, allowing local privilege escalation.

Vulnerability

Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which can allow a local user to gain elevated privileges. The vulnerability exists in the Directory Utility component and affects OS X El Capitan 10.11, OS X Yosemite 10.10.5, and OS X Mavericks 10.9.5 [1]. Exploitation requires that the attacker already has local access to the system.

Exploitation

An attacker must have local access to the affected system. The exploitation vector is unspecified in available references, but it is described as local privilege escalation. The attacker would need to trigger the mishandling of authentication for new sessions, possibly through the Directory Utility interface or its associated processes [1].

Impact

Successful exploitation allows a local user to gain elevated privileges beyond their normal access level. The impact is privilege escalation, potentially leading to full control over the affected system. The precise privilege level gained is not disclosed in the available references [1].

Mitigation

The issue is fixed in OS X El Capitan 10.11.1, released on October 21, 2015. Apple has not disclosed a workaround. Users should update to the latest version of OS X El Capitan (10.11.1 or later) [1].

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2


References

2
