A flaw in macOS High Sierra allows to unlock the App Store Preferences without password

Pierluigi Paganini January 12, 2018

Security expert discovered a new vulnerability in macOS High Sierra that could be exploited by users logged as admins to unlock the AppStore Preferences in System Preferences by providing any password.

Security expert discovered a new vulnerability in macOS High Sierra that could be exploited by users logged as admins to unlock the AppStore Preferences in System Preferences by providing any password.

https://twitter.com/eholtam/status/951142826485698561

The vulnerability was reported by Eric Holtam and affects the latest version macOS 10.13.2. The issue doesn’t affect non-admin accounts that must provide correct credentials to unlock the AppStore Preferences.

The steps to reproduce the issue and grants access to change the AppStore preferences are:

  1. Log in as a local admin;
  2. Open App Store Prefpane from the System Preferences;
  3. Lock the padlock if it is already unlocked;
  4. Click the lock to unlock it;
  5. Enter any bogus password;

macOS High Sierra

Holtam highlighted that the issue doesn’t affect other system preferences panel (i.e. system preferences).

The flaw has a limited impact because it can only be triggered by admins, anyway, anyone with a physical access to a machine that was left unattended by a user logged as admins can exploit the vulnerability.

Apple already issued a security patch in the latest beta version of macOS High Sierra (10.13.3) and the problem will be addressed in a future update for stable versions.

In November, an authentication bypass issue was publicly disclosed via Twitter by the developer Lemi Orhan Ergan. The flaw in macOS High Sierra allowed gaining root access to a machine with no password.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – macOS High Sierra, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment