What is CVE-2013-1775?

CVE-2013-1775 is a vulnerability in Apple Mac_os_x, classified under CWE-264. Published 2013-03-05.

Is CVE-2013-1775 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apple Mac_os_x

CVE-2013-1775

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user…

EPSS: 0.081 (92.3th percentile) — read the EPSS interpretation.

Affected products

Apple Mac_os_x
Todd_miller Sudo — versions 1.6, 1.6.1, 1.6.2
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

References

secalert@redhat.com (x_refsource_CONFIRM)
58203 (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
90677 (x_refsource_OSVDB, vdb-entry)
RHSA-2013:1701 (x_refsource_REDHAT, vendor-advisory)
DSA-2642 (vendor-advisory, x_refsource_DEBIAN)
openSUSE-SU-2013:0495 (vendor-advisory, x_refsource_SUSE)
USN-1754-1 (x_refsource_UBUNTU, vendor-advisory)
APPLE-SA-2015-08-13-2 (vendor-advisory, x_refsource_APPLE)

Frequently asked questions

What is CVE-2013-1775?: CVE-2013-1775 is a vulnerability in Apple Mac_os_x, classified under CWE-264. Published 2013-03-05.
Is CVE-2013-1775 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.