Expert Advise On Latest macOS Root Privilege Escalation Flaw

By   ISBuzz Team
Writer , Information Security Buzz | Feb 04, 2021 01:02 pm PST

A recently discovered heap-based buffer overflow vulnerability in Linux SUDO also impacts the latest version of Apple macOS Big Sur, with no patch available yet. This bug will allow the standard users to execute applications with root privileges. This vulnerability is patched on Linux platform but no fix is yet available for macOS.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Jonathan Knudsen
Jonathan Knudsen , Senior Security Strategist
February 4, 2021 9:04 pm

<p><span lang=\"EN-US\">Recently, researchers discovered that the privilege escalation vulnerability CVE-2021-3156, also known as Baron Samedit, affects macOS, including the latest available version. By itself, a privilege escalation vulnerability might not be especially dangerous for most users. It could only be exploited if an attacker already has access to your computer, either locally or through a remote shell.</span></p> <p> </p> <p><span lang=\"EN-US\">Chained together with one or more other exploits, however, the risk of CVE-2021-3156 could be multiplied. If an attacker exploits another vulnerability to run code as a regular user, then they can trivially run the exploit for CVE-2021-3156 to gain administrative access, allowing them to take complete control of your computer. macOS users are advised to apply updates from Apple as soon as the fix for CVE-2021-3156 is available. In the meantime, try to avoid risky situations. Keep your other software up to date, don’t click on dodgy links, don’t click on email attachments unless you’re confident about their origins, disable network services you are not using, and so forth.</span></p>

Last edited 3 years ago by Jonathan Knudsen

Recent Posts

Would love your thoughts, please comment.x