Detections
Analytics
MacOS 10.13 root Authentication Bypass (Security Update 2017-001)
high Nessus Plugin ID 104814
Language:
Synopsis
The remote host is running a version of MacOS that is affected by a root authentication bypass vulnerability.Description
The remote host is running a version of MacOS 10.13 or 10.13.1 that is missing a security update. It is, therefore, affected by a root authentication bypass vulnerability. A local attacker or a remote attacker with credentials for a standard user account has the ability to blank out the root account password. This can allow an attacker to escalate privileges to root and execute commands and read files as a system administrator.Solution
Install Security Update 2017-001 or later. Alternatively, enable the root account and set a strong root account password.See Also
http://www.nessus.org/u?2cf4b55a
http://www.nessus.org/u?9ff9ff45
http://www.nessus.org/u?1e5890f3
http://www.nessus.org/u?f367aab4
Plugin Details
Severity: High
ID: 104814
File Name: macosx_high_sierra_empty_root_password.nasl
Version: 1.15
Type: local
Agent: macosx
Family: MacOS X Local Security Checks
Published: 11/28/2017
Updated: 11/27/2023
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2017-13872
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.5
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:apple:mac_os_x, cpe:/o:apple:macos
Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 11/29/2017
Vulnerability Publication Date: 11/28/2017
Exploitable With
Metasploit (Mac OS X Root Privilege Escalation)
Reference Information
CVE: CVE-2017-13872
BID: 101981
APPLE-SA: APPLE-SA-2017-11-29-1