MacOS LPE Exploit Gives Attackers Root Access

01/04/2018

On the last day of 2017, a security researcher going online by the pseudonym of Siguza published details about a macOS vulnerability affecting all Mac operating system versions released since 2002, and possibly earlier.


Siguza did not notify Apple in advance, so at the time of writing, there is no fix for this flaw.


Despite the doom and gloom, the vulnerability is a local privilege escalation (LPE) flaw: it can be exploited only with local access to a computer or after an attacker has already gained a foothold on the machine. Successful exploitation grants the attacker root access.


Vulnerability affects IOHIDFamily macOS kernel driver


The issue affects the IOHIDFamily macOS kernel driver, a component that handles various types of user interactions.


Siguza said he read about various flaws in this component and took a look at it to find new ways to compromise iOS, Apple's mobile operating system, where IOHIDFamily is also deployed. The expert says he found the LPE flaw in the IOHIDFamily code specific to macOS versions only.


While Siguza did not contact Apple, he did write a very detailed report on how someone could exploit the flaw. Nonetheless, Siguza clarified his position in a tweet published on January 1.


"My primary goal was to get the write-up out for people to read. I wouldn't sell to blackhats because I don't wanna help their cause. I would've submitted to Apple if their bug bounty included macOS, or if the vuln was remotely exploitable," he said.


According to Siguza, the flaw is easy to exploit because it triggers on logout operations. This means attackers can get root access on a machine whenever the user logs off, reboots, or shuts down the computer. These are all common operations that take place on a daily basis, so no social engineering is needed to exploit the flaw.


Update probably not coming


Bleeping Computer has reached out to Apple for comment on the vulnerability. Taking into account the holiday season, Apple will most likely not release an update in the following days.


In addition, LPE flaws are not considered critical, so it's likely that Apple won't release an emergency update to fix the issue but will instead address it as part of its next monthly security update train.


Source: bleepingcomputer
