A security researcher (@s1guza) has published the details of an unpatched vulnerability in macOS that can be exploited to gain full control of a system.
The bug is a critical local privilege escalation (LPE) flaw that affects IOHIDFamily, a kernel extension designed for human interface devices (HID), e.g. the touchscreen, buttons, accelerometer, etc. It could enable an unprivileged user (hacker) to obtain root permissions and execute malicious code on the affected system.
The researcher was checking the iOS code, searching for bugs in the iOS kernel, when he found that the IOHIDSystem component exists only on macOS.
According to the researcher:
“I was originally looking through its source in the hope of finding a low-hanging fruit that would let me compromise an iOS kernel, but what I didn’t know then is that some parts of IOHIDFamily exist only on macOS – specifically IOHIDSystem, which contains the vulnerability discussed herein.”
The researcher wrote proof-of-concept code, called IOHIDeous, that works on Sierra and High Sierra (up to 10.13.1) and is capable of disabling both System Integrity Protection (SIP) and Apple Mobile File Integrity (AMFI).
Siguza (the researcher) believes that the flaw has been around since at least 2002, but some signs suggest it could actually be a decade older than that. He said: “One tiny, ugly bug. Fifteen years. Full system compromise.”