A British security researcher discovered today that a recent security vulnerability in the Sudo application also affects the macOS operating system (not just Linux and BSD).
The vulnerability, revealed last week as CVE-2021-3156 (aka Baron Samedit) by Qualys security researchers, affects Sudo, an application that allows administrators to give limited root access to other users.
Qualys researchers discovered that they could trigger a "heap overflow" in the Sudo application to elevate the current user's low-privilege access to root-level commands, giving a potential attacker access to the entire system.
The only requirement to exploit this flaw was that an attacker must first gain access to a system, which the researchers said could be done either by placing malicious software on a device or by brute-forcing low-privileged system accounts.
CVE-2021-3156 also impacts @apple MacOS Big Sur (unpatched at present), you can enable exploitation of the issue by symlinking sudo to sudoedit and then triggering the heap overflow to escalate one's privileges to 1337 uid = 0. Fun for @p0sixninja pic.twitter.com/tyXFB3odxE
— hackerfantastic.x (@hackerfantastic) February 2, 2021
However, as shown on Twitter by Matthew Hickey, co-founder of Hacker House, the latest version of macOS also has the Sudo app.
Hickey said he tested the CVE-2021-3156 vulnerability and found that with some modifications, the security loophole could be used to give potential intruders access to macOS root accounts.
"To enable it, you just need to replace argv[0] or create a symlink, which will expose the operating system to the same local root vulnerability that affected Linux users last week."
The researcher said that he has informed Apple about this problem, so an update from Cupertino is probably to be expected.
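
The tweet and quote above say the flaw becomes reachable once something named sudoedit points at the sudo binary. As an added example (not code from Hickey, Qualys or Apple), this Python triage sketch searches directory trees for symlinks or hard links named `sudoedit` that resolve to a given sudo binary; the function names and the temporary directory layout in `demo()` are constructed for illustration.

```python
import os
import tempfile

def find_sudoedit_links(roots, sudo_path):
    """Return sorted (path, kind) for entries named 'sudoedit' that are the sudo binary."""
    ref = os.stat(os.path.realpath(sudo_path))
    hits = []
    for root in roots:
        # followlinks=False: do not descend into symlinked directories
        for dirpath, _dirs, files in os.walk(root, followlinks=False):
            if "sudoedit" not in files:
                continue
            path = os.path.join(dirpath, "sudoedit")
            try:
                st = os.stat(path)  # follows a symlink to its target
            except OSError:
                continue  # dangling link or unreadable entry
            # Same device and inode means the same file as sudo
            if (st.st_dev, st.st_ino) == (ref.st_dev, ref.st_ino):
                kind = "symlink" if os.path.islink(path) else "hardlink"
                hits.append((path, kind))
    return sorted(hits)

def demo():
    """Build a constructed directory tree and return the findings, relative to it."""
    with tempfile.TemporaryDirectory() as top:
        top = os.path.realpath(top)
        sudo = os.path.join(top, "bin", "sudo")  # stand-in file, not a real sudo
        home = os.path.join(top, "home", "user")
        for d in (os.path.dirname(sudo), os.path.join(home, "a"),
                  os.path.join(home, "b")):
            os.makedirs(d)
        open(sudo, "w").close()
        os.symlink(sudo, os.path.join(home, "sudoedit"))         # flagged
        os.link(sudo, os.path.join(home, "a", "sudoedit"))       # flagged
        open(os.path.join(home, "b", "sudoedit"), "w").close()   # unrelated file
        os.symlink(sudo, os.path.join(home, "visudo"))           # other name
        hits = find_sudoedit_links([os.path.join(top, "home")], sudo)
        return [(os.path.relpath(p, top), k) for p, k in hits]

if __name__ == "__main__":
    for path, kind in demo():
        print(kind, path)
```

A hit is only a lead for review: some Linux distributions install a legitimate sudoedit link next to sudo. Because argv[0] can also be set directly by the calling process, as the quote notes, an empty result does not mean a system is safe, and updating Sudo remains the fix.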