#VU8718 Information disclosure in macOS - CVE-2017-7149
Published: October 9, 2017 / Updated: October 11, 2017
Vulnerability identifier: #VU8718
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-7149
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
macOS
Software vendor:
Apple Inc.
Description
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists in Disk Utility on macOS High Sierra, which exposes the passwords of encrypted Apple File System (APFS) volumes in plain text. A local user can use the Add APFS Volume command in Disk Utility to create an encrypted APFS volume, click on the password hint, and view the password in plain text.
Remediation
Follow these steps to update macOS High Sierra, and then back up, erase, and restore the encrypted APFS volume.
- Install the macOS High Sierra 10.13 Supplemental Update from the App Store updates page.
- Create an encrypted backup of the data in your affected encrypted APFS volume.
- Open Disk Utility and select the affected encrypted APFS volume in the sidebar.
- Click Unmount to unmount the volume.
- Click Erase.
- When asked, type a name for the volume in the Name field.
- Change Format to APFS.
- Then change Format again to APFS (Encrypted).
- Enter a new password in the dialog. Enter it again to verify the password, and if you’d like to, provide a hint for the encrypted APFS volume. Click Choose.
- Click Erase. You can see the progress of the Erase process.
- Click Done when the process is complete.
- Restore the data that you backed up in Step 2 to the new encrypted APFS volume that you just created.
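As an added example (not part of this advisory or of Apple's documentation), the shell function below parses the text output of `diskutil apfs list` to inventory encrypted APFS volumes, so an administrator can see which volumes the back-up, erase and restore procedure above applies to. The field labels it matches ("APFS Volume Disk (Role):", "Name:", "FileVault:") are assumed from that command's output format, and the sample output embedded below is constructed.

```shell
#!/bin/sh
# Print "<device> <volume name>" for every APFS volume whose FileVault field
# reads "Yes". Reads `diskutil apfs list` output on stdin. The field labels
# are an assumption about the macOS 10.13 output format.
encrypted_apfs_volumes() {
    awk '
        # A new volume block: remember its device name, reset the volume name.
        /APFS Volume Disk \(Role\):/ {
            sub(/^.*APFS Volume Disk \(Role\):[ ]*/, "")
            dev = $1; name = ""
        }
        # Volume name line; drop the trailing "(Case-insensitive)" style note.
        /^[| ]*Name:/ {
            sub(/^[| ]*Name:[ ]*/, "")
            name = $0
            sub(/ \([^)]*\)[ ]*$/, "", name)
        }
        # Encrypted volumes report "FileVault: Yes (Locked|Unlocked)".
        /^[| ]*FileVault:[ ]*Yes/ { print dev " " name }
    '
}

# Constructed sample of `diskutil apfs list` output (identifiers are placeholders).
SAMPLE='APFS Container (1 found)
|
+-- Container disk1 0000-CONSTRUCTED
    ====================================================
    APFS Container Reference:     disk1
    |
    +-> Volume disk1s1 1111-CONSTRUCTED
    |   ---------------------------------------------------
    |   APFS Volume Disk (Role):   disk1s1 (No specific role)
    |   Name:                      Macintosh HD (Case-insensitive)
    |   Mount Point:               /
    |   FileVault:                 No
    |
    +-> Volume disk1s5 5555-CONSTRUCTED
        ---------------------------------------------------
        APFS Volume Disk (Role):   disk1s5 (No specific role)
        Name:                      Secrets (Case-insensitive)
        Mount Point:               /Volumes/Secrets
        FileVault:                 Yes (Unlocked)'

# On a Mac, inventory the live system; elsewhere, run on the constructed sample.
if command -v diskutil >/dev/null 2>&1; then
    diskutil apfs list | encrypted_apfs_volumes
else
    printf '%s\n' "$SAMPLE" | encrypted_apfs_volumes
fi
```

Each line printed names one encrypted volume; compare the list against the volumes you have backed up and re-created after installing the Supplemental Update.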