macOS Big Sur is affected by a serious security flaw. By exploiting them, code can be executed with root rights, which means that the entire system is effectively open to an attacker. It is unclear why Apple has not already fixed this gap with macOS Big Sur 11.2, because the lead time was long enough in principle.
There is a serious security hole in macOS Big Sur. The CVE-2021-3156 vulnerability was recently discovered in the command line tool sudo. With sudo, a logged-in user can execute individual actions or code under another user, including an administrator. The present vulnerability therefore also allows code to be executed with root rights, in this way an attacker gains complete freedom on a system. The loophole in sudo was initially found and closed in various Linux distributions; it was only later confirmed that macOS, a Unix-like operating system, is also susceptible to it. In order to exploit the vulnerability, low-threshold system access must first exist, for example through malware that users have caught on the network.
A quick patch is expected
Previously, however, it was suspected that Apple had already taken care of this vulnerability: macOS Big Sur 11.2 had a rather long beta phase behind it, at the end of which the release candidate appeared in three versions. It was suspected that RC3 had solved the sudo problem, but this is not the case, as security experts are now beyond doubt approved to have.
Big Sur 11.2 RC3 (20D64) install report
sudo remains unchanged – version 1.8.31
10.15 = 1.8.31
10.14 = 1.8.17p1
Security Update 2020-001 Beta for 10.15 & 14 – not updated
I’m not saying that macOS is or isn’t vulnerable. We don’t have very much info to go on. 🤔
– Mr. Macintosh (@ClassicII_MrMac) January 28, 2021
Apple is aware of the problem, and given its severity, a patch can be expected soon.