
A British security researcher found out today that a recent vulnerability in the Sudo app also affects the macOS operating system and not just Linux and BSD as originally assumed.

The vulnerability, disclosed last week by Qualys security researchers as CVE-2021-3156 (also known as Baron Samedit), affects Sudo, an app that allows administrators to delegate limited root access to other users.

Qualys researchers found that they could trigger a “heap overflow” bug in the Sudo app to elevate the current user’s low-privileged access to root-level commands, giving the attacker access to the entire system.

The only condition for exploiting this flaw was that an attacker gain access to a system, which researchers say can be done either by planting malware on a device or by brute-forcing a …


