Cisco Discloses Details of macOS SMB Vulnerabilities

Source
Advertisement


SMB, which stands for Server Message Block, is a protocol for sharing files, printers, and serial ports. Apple’s own SMB stack is called SMBX.

Talos disclosed seven vulnerabilities found in SMBX server components and also detailed the process it used to identify them. One of the security holes was fixed silently by Apple, one was addressed in April, and the rest were patched in May with the release of macOS Big Sur 11.4.

The vulnerabilities are mitigated by the fact that their exploitation requires authentication, but Talos warned that “they are readily exploitable in environments with advanced authentication mechanisms.”

Advertisement