Sudo vulnerability that allows acquiring root privileges without permission is also confirmed on macOS
We had already covered this serious vulnerability in the Sudo command on Linux systems. A British researcher, Matthew Hickey, has now confirmed that it can also be exploited on macOS. Through this security issue, it is possible to acquire elevated privileges from a normal user account.
The vulnerability is known as Baron Samedit and is tracked as CVE-2021-3156. The bug was introduced into the code as early as July 2011 and has since spread to almost all available distributions.
On macOS there is another important point to consider. With only a very small change to the attack procedure, an attacker could leverage the Sudo problem to obtain root permissions even on systems updated to macOS Big Sur.
How is the vulnerability exploited?
This is also a very easy vulnerability to use. An attacker uses a symbolic link or overrides the argv[0] command-line argument in order to exploit the same security vulnerability whose presence has been confirmed on many Linux distributions. On Linux, however, the problem was solved a few weeks ago: Sudo version 1.9.5p2, released on January 26, completely eradicated it. It will nevertheless take a few more weeks for the entire fleet of GNU/Linux distributions to be updated. All Linux users are therefore strongly encouraged to upgrade as soon as possible to avoid unpleasant headaches.
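To check whether a host is already on the fixed release, the version banner can be compared against 1.9.5p2. The following is an added example, not code from the researcher or the Sudo project; the function names and the sample banners are constructed for illustration, and a distribution that backports the fix may still report an older version number.

```python
import re
import subprocess

FIXED = (1, 9, 5, 2)  # 1.9.5p2, the fixed release named in the article

# Sudo versions look like 1.8.31p2 or 1.9.5: dotted numbers plus an optional pN suffix.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?")

def parse_sudo_version(text):
    """Return (major, minor, micro, patch) from e.g. 'Sudo version 1.8.31p2'."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    # Missing micro or pN parts count as 0, so 1.9.5 sorts before 1.9.5p1.
    return tuple(int(g) if g else 0 for g in m.groups())

def classify(text):
    """Compare numerically: as plain strings, '1.9.10' would sort before '1.9.5p2'."""
    version = parse_sudo_version(text)
    if version is None:
        return "unparsed"
    return "fix-or-later" if version >= FIXED else "older-than-fix"

def local_sudo_banner():
    """First line of `sudo -V` (needs no privileges), or '' if sudo is absent."""
    try:
        out = subprocess.run(["sudo", "-V"], capture_output=True,
                             text=True, timeout=10)
    except (OSError, subprocess.TimeoutExpired):
        return ""
    return out.stdout.splitlines()[0] if out.stdout else ""

# Constructed sample banners, not captured from real hosts.
SAMPLES = [
    "Sudo version 1.8.31p2",
    "Sudo version 1.9.5p1",
    "Sudo version 1.9.5p2",
    "Sudo version 1.9.10",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(f"{banner:28} -> {classify(banner)}")
    local = local_sudo_banner()
    print(f"{'local: ' + (local or 'sudo not found'):28} -> {classify(local)}")
```

An "older-than-fix" result on a distribution package should be confirmed against the vendor's advisory for CVE-2021-3156 before the host is treated as unpatched.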
Independent observers and researchers have also confirmed the flaw on macOS. At this time, however, there is still no official patch that puts an end to this serious vulnerability. We are convinced, though, that it will not be long before Apple releases a patch that resolves it.