Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Apple OS X Privilege Escalation Vulnerability in Admin Framework via XPC Implementation

Vulnerability

A vulnerability in the XPC implementation of the Admin Framework in Apple OS X versions prior to 10.10.3 allows local users to bypass authentication and gain administrative privileges. This issue arises from inadequate entitlement checking in the XPC implementation, which can be exploited through unspecified vectors.

Impact

Exploitation of this vulnerability allows local users to gain admin privileges on the affected system.

Reproduction

The vulnerability can be reproduced by using a proof-of-concept exploit that leverages the XPC implementation in the Admin Framework. This exploit must be executed on a vulnerable version of OS X, specifically versions 10.10.1 and 10.10.2. The exploit bypasses authentication and grants administrative privileges.

Remediation

Users can upgrade to OS X Yosemite v10.10.3 to address this vulnerability.
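
One way to check hosts against the fixed release named above, as an added example that is not part of the original advisory. The function names and the inventory lines are constructed for illustration, and the check looks at the version string only.

```shell
#!/bin/sh
# Added example: version triage against the fixed release named on this page.
# Assumes the page's affected range ("prior to 10.10.3"); checks version only.
FIXED_VERSION="10.10.3"

# Print vulnerable / patched / unknown for one dotted version string.
# Components are compared as numbers: a string compare would rank
# 10.9.5 above 10.10.3 and misreport it as patched.
osx_admin_xpc_status() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*|*.*.*.*) echo unknown; return 0 ;;
    esac
    printf '%s %s\n' "$1" "$FIXED_VERSION" | awk '{
        split($1, v, "."); split($2, f, ".")
        for (i = 1; i <= 3; i++) {          # missing component counts as 0
            if (v[i] + 0 < f[i] + 0) { print "vulnerable"; exit }
            if (v[i] + 0 > f[i] + 0) { print "patched"; exit }
        }
        print "patched"                      # equal to the fixed release
    }'
}

# Read "hostname version" lines on stdin, append the status to each.
triage_inventory() {
    while read -r host version; do
        [ -n "$host" ] || continue
        printf '%s %s %s\n' "$host" "${version:-?}" \
            "$(osx_admin_xpc_status "$version")"
    done
}

# Constructed inventory sample (hostnames are made up).
triage_inventory <<'EOF'
mac-lab-01 10.10.1
mac-lab-02 10.10.2
mac-lab-03 10.10.3
mac-lab-04 10.9.5
mac-lab-05 10.11.6
mac-lab-06 unknown-build
EOF

# On a Mac, also report the local machine.
if command -v sw_vers >/dev/null 2>&1; then
    local_version=$(sw_vers -productVersion)
    printf 'localhost %s %s\n' "$local_version" \
        "$(osx_admin_xpc_status "$local_version")"
fi
```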

Added: May 15, 2026, 10:19 AM
Updated: May 15, 2026, 10:19 AM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 5.0
exploitability: 5.0
remediation: 7.7
relevance: 0.0
threat: 8.5
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.