SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain windows, which allows attackers to bypass intended access restrictions via a crafted app. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Authentication Bypass
Apple
Microsoft
Mac Os X
NVD
CVSS 2.0
4.3
EPSS
0.2%
Prev
Page 2 of 2