Many Mac owners have used the Unix tool Sudo. It’s often used for Terminal commands when a user needs special user rights for a short time (with a command such as sudo nvram StartupMute=%01, for example, on Intel Macs, you can switch on the start tone); with the help of the tool, it’s possible to execute a command with the rights of a root user, which enables access to sensitive system areas.
A security hole in this tool is obviously very dangerous because this would allow hackers to penetrate deep into a system. Unfortunately, one such vulnerability was discovered last week in Linux and BSD, according to reports – and we now know that macOS is affected too, including macOS 11.2.
As Matthew Hickey reported on Twitter, the bug, known as both CVE-2021-3156 and “Baron Samedit”, requires a slight modification to work on macOS. With the help of a symlink to sudoedit, the exploit should also work on Big Sur. This has been confirmed by other security researchers such as Patrick Wardle.
According to reports, an additional security vulnerability in macOS is required for an attacker to exploit the vulnerability. An attacker must first gain access to the computer.
The vulnerability has already been corrected in Sudo v1.9.5p2; versions 1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1 are affected. Apple is expected to close the gap in an upcoming update. (Update: Apple has indeed now issued a fix in a software update – Big Sur 11.2.1.)
For broader advice, read our Mac security tips.
This article originally appeared on Macwelt. Translation by David Price.