Vulnerability Spotlight: Apple OS X Graphics Kernel Driver Local Privilege Escalation Vulnerability
Piotr Bania of Cisco Talos is credited with the discovery of this vulnerability.
Cisco Talos, in conjunction with Apple’s security advisory issued on Mar 22, is disclosing the discovery of a local vulnerability in the communication functionality of the Apple Intel HD3000 Graphics kernel driver. This vulnerability was initially discovered by the Talos Vulnerability Research & Development Team and reported in accordance with responsible disclosure policies to Apple.
There is a local privilege escalation vulnerability in the Apple Intel HD3000 Graphics kernel driver (TALOS-2015-0088/CVE-2016-1743) which Talos has identified on OS X 10.11. Exploitation of this vulnerability requires user interaction, such as executing a malicious executable received via email or downloaded and run on the user’s Mac. With OS X becoming more common in the workplace this can be especially impactful as the common user accounts often do not have root-level permissions.