Description
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.2. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.
References (2)
Core 2
Core References
Vendor Advisory
https://support.apple.com/en-us/121839
Mailing List
http://seclists.org/fulldisclosure/2024/Dec/7
Scores
CVSS v3
9.8
EPSS
0.0045
EPSS Percentile
63.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-125
Status
published
Products (2)
apple/macos
< 15.2
Apple/macOS
< 15.2
Published
Dec 12, 2024
Tracked Since
Feb 18, 2026