Beyondtrust: >> Privilege Management For Mac Security Vulnerabilities
An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated, unprivileged user can elevate privileges by running a malicious script (that executes as root from a temporary directory) during install time. (This applies to macOS before 10.15.5, or Security Update 2020-003 on Mojave and High Sierra, Later versions of macOS are not vulnerable.)
CVSS Score
8.8
EPSS Score
0.002
Published
2023-12-11
CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Known exploited
CVSS Score
7.8
EPSS Score
0.922
Published
2021-01-26