Administrator Privilege Vulnerability in Cisco Trust Agent for Macs
Cisco has issued a Security Advisory warning users that there is a vulnerability affecting Cisco Trust Agent installations on Mac OS X. This can allow an individual with physical access to an endpoint to gain administrative access to the local machine without authorization. Cisco Trust Agent is the client software for Cisco's Network Access Control (NAC) solution.
The problem affects the user notification pop-up that is displayed by the Cisco Secure Access Control Server after intial validation of the system state. This pop-up window allows the user to access the System Preferences as the root user and change the passwords of all non-root user accounts. Changing account passwords through this method of exploitation does not require previous knowledge of the existing password – which means anyone with physical access to the Mac can access the administrator account.
CTA release 18.104.22.168 or later resolves this vulnerability and is available for download from the Cisco web site (only available to registered customers). The Security Advisory also includes workarounds for configuring the software in the event that the customer cannot update the software.
- Cisco Trust Agent - Mac OS X Privilege Escalation Vulnerability, Cisco Security Advisory
- Download the updated software (for registered users)