CVE-2015-7035

Vulnerability

Apple Mac EFI firmware, as used in OS X before 10.11.1 and other products, contains an argument-handling issue that allows attackers to reach unused functions. The affected versions include OS X El Capitan 10.11, OS X Yosemite v10.10.5, and OS X Mavericks v10.9.5. The vulnerability is addressed in Mac EFI Security Update 2015-002 and OS X El Capitan 10.11.1 [1], [2].

Exploitation

The official description notes that the issue arises from mishandled arguments, but the precise attack vector and required conditions are not publicly detailed. Based on the available references, exploitation may require local access or proximity, and possibly physical presence, as EFI vulnerabilities often do. The MITRE researchers who reported the vulnerability are noted in the advisory [2].

Impact

An attacker who successfully exploits this issue can exercise unused EFI functions, which could lead to arbitrary code execution with firmware-level privileges, compromising the initial boot integrity and allowing persistent, stealthy control over the system [2].

Mitigation

Apple released Mac EFI Security Update 2015-002 for OS X Mavericks v10.9.5, and addressed the issue in OS X El Capitan 10.11.1 (and Security Update 2015-004 for Yosemite and Security Update 2015-007 for Mavericks) [1], [2]. Users should apply the latest EFI firmware updates from Apple. No workaround is mentioned.