Security advisories

MacOS 10.13 Authentication Bypass

February 26, 2019 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

An authentication flaw has been discovered in MacOS version 10.13 (High Sierra) and MacOS 10.13.2 beta. A threat actor with remote or physical access to the device can gain administrative privileges by logging in with the user account "root" through System Preferences. Remote attacks require Apple's Remote Desktop Protocol. No password is required and once completed the threat actor will have persistent access to the device.

This is a trivial attack to perform and has a wide range of potential consequences namely, unauthorized access.

What should you do about it

Additional information

There is not currently a patch for this vulnerability. For mitigation steps and a technical analysis please see the following links:

[1] https://support.apple.com/en-us/HT204012

[2] https://www.macrumors.com/how-to/temporarily-fix-macos-high-sierra-root-bug/

View Most Recent Advisories