CVE-2017-13872
Apple macOS 10.13.1 (High Sierra) - 'Blank Root' Local Privilege Escalation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user name.
Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS High Sierra anteriores a la actualización de seguridad 2017-001 se han visto afectadas. El problema implica el componente "Directory Utility". Esto permite que los atacantes obtengan acceso de administrador sin contraseña mediante ciertas interacciones relacionadas con la entrada del nombre de usuario root.
Enable and set root account to a chosen password on unpatched macOS High Sierra hosts with either Screen Sharing or Remote Management enabled.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-08-30 CVE Reserved
- 2017-11-29 CVE Published
- 2017-11-30 First Exploit
- 2024-08-05 CVE Updated
- 2024-08-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-287: Improper Authentication
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/101981 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039875 | Third Party Advisory | |
| https://arstechnica.com/information-technology/2017/11/macos-bug-lets-you-log-in-as-admin-with-no-password-required | Mitigation | |
| https://github.com/rapid7/metasploit-framework/pull/9302 | X_refsource_misc | |
| https://support.apple.com/HT208331 | X_refsource_confirm |
|
| https://www.wired.com/story/macos-update-undoes-apple-root-bug-patch | Media Coverage |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/43201 | 2024-08-05 | |
| https://www.exploit-db.com/exploits/43248 | 2024-08-05 | |
| https://github.com/giovannidispoto/CVE-2017-13872-Patch | 2017-11-30 | |
| https://objective-see.com/blog/blog_0x24.html | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.apple.com/HT208315 | 2017-12-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | 10.13.0 Search vendor "Apple" for product "Mac Os X" and version "10.13.0" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | 10.13.1 Search vendor "Apple" for product "Mac Os X" and version "10.13.1" | - |
Affected
| ||||||