A vulnerability found in the Sudo app last week is said to affect not just Linux distributions but also macOS. A security researcher has verified this on macOS running with the latest security patches; the bug lets users with limited root access gain full system privileges. Apple declined to comment on this but may come up with a patch soon.
macOS Sudo Bug Lets Hackers Have Deep System Access
Nothing can be worse than an unauthorized party gaining full system privileges and spying on users covertly. While many try to prevent this in today’s cybersecurity world, zero-day vulnerabilities and bugs often show up even in legitimate apps, weakening system security.
One such vulnerability was discovered in the Sudo app, a service used by system admins to grant limited root access to other users. Because of a heap overflow bug in it, limited users can gain full system privileges. Tracked as CVE-2021-3156, this bug was discovered by Qualys researchers last week.
Hackers need at least limited access to trigger this bug and gain full access. For this, they must either compromise someone with limited access through a brute-force attack or plant malware to get that access. When found, the bug affected Debian, Ubuntu, and Fedora.
CVE-2021-3156 also impacts @apple MacOS Big Sur (unpatched at present), you can enable exploitation of the issue by symlinking sudo to sudoedit and then triggering the heap overflow to escalate one's privileges to 1337 uid=0. Fun for @p0sixninja pic.twitter.com/tyXFB3odxE
— Hacker Fantastic 📡 (@hackerfantastic) February 2, 2021
But BSD is on the list too, since the bug affects most UNIX-like operating systems. Now, a British security researcher named Matthew Hickey from Hacker House has verified that the bug affects macOS as well, on the latest version with recent security patches applied!
He explained that this vulnerability in macOS can be triggered by overwriting the “argv or create a symlink, which therefore exposes the OS to the same local root vulnerability that has plagued Linux users the last week or so.” Though Apple declined to comment, it may release a patch soon considering the seriousness of the bug.