Expert Advise On Latest macOS Root Privilege Escalation Flaw

A recently discovered heap-based buffer overflow vulnerability in Linux SUDO also impacts the latest version of Apple macOS Big Sur, with no patch available yet. This bug will allow the standard users to execute applications with root privileges. This vulnerability is patched on Linux platform but no fix is yet available for macOS.

Subscribe
Notify of
guest
1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jonathan Knudsen
Jonathan Knudsen , Senior Security Strategist
InfoSec Expert
February 4, 2021 9:04 pm

<p><span lang=\"EN-US\">Recently, researchers discovered that the privilege escalation vulnerability CVE-2021-3156, also known as Baron Samedit, affects macOS, including the latest available version. By itself, a privilege escalation vulnerability might not be especially dangerous for most users. It could only be exploited if an attacker already has access to your computer, either locally or through a remote shell.</span></p> <p> </p> <p><span lang=\"EN-US\">Chained together with one or more other exploits, however, the risk of CVE-2021-3156 could be multiplied. If an attacker exploits another vulnerability to run code as a regular user, then they can trivially run the exploit for CVE-2021-3156 to gain administrative access, allowing them to take complete control of your computer. macOS users are advised to apply updates from Apple as soon as the fix for CVE-2021-3156 is available. In the meantime, try to avoid risky situations. Keep your other software up to date, don’t click on dodgy links, don’t click on email attachments unless you’re confident about their origins, disable network services you are not using, and so forth.</span></p>

Last edited 1 year ago by Jonathan Knudsen
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x