A security researcher discovered a security flaw in the Sudo utility that affects the latest macOS operating systems as well as other operating systems. Sudo allows a system administrator to give certain users (or groups of users) the ability to run some or all commands with root privileges while logging all commands and arguments. Researchers from Qualys originally disclosed the vulnerability (tracked as CVE-2021-3156) last week, and at the time it was thought to affect only Linux-based systems. According to the original report, to exploit this flaw an attacker would first have to either plant malware on a device or brute-force a low-privileged service account. Matthew Hickey, the co-founder of Hacker House, stated that he tested the vulnerability and that, to trigger it, someone must overwrite or create a symlink, which exposes the system to the same local root vulnerability that plagued Linux users last week. Researchers notified Apple of the issue, and Apple has yet to comment. With an issue this severe, a patch is most likely to be expected.