CVE-2017-13872
CVE-2017-13872
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user name.
Affected products
n/a · macOS High Sierrapublic PoCs found — 5
githubgithub.com/giovannidispoto/CVE-2017-13872-Patch★ 0cve_referencewww.exploit-db.com/exploits/43201/unverifiedcve_referencewww.exploit-db.com/exploits/43248/unverifiedexploitdbwww.exploit-db.com/exploits/43248unverifiedexploitdbwww.exploit-db.com/exploits/43201unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://arstechnica.com/information-technology/2017/11/macos-bug-lets-you-log-in-as-admin-with-no-password-required/https://github.com/rapid7/metasploit-framework/pull/9302https://objective-see.com/blog/blog_0x24.htmlhttps://support.apple.com/HT208315https://support.apple.com/HT208331https://www.exploit-db.com/exploits/43201/https://www.exploit-db.com/exploits/43248/https://www.wired.com/story/macos-update-undoes-apple-root-bug-patch/http://www.securityfocus.com/bid/101981http://www.securitytracker.com/id/1039875