The host is installed with Apple Mac OS X or Server 10.9 through 10.9.3 and is prone to arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle IOThunderBoltController API calls. Successful exploitation allows execute arbitrary code with system privileges.