Mac High Sierra allows trivial creation of a root account

Greg S


An embarrassingly large security flaw has been discovered on Macs running the newest version of High Sierra, version 10.13.1. Apparently, any person can force the creation of a root account simply by entering "root" as the username when elevated permissions are requested.

Opening Preferences and attempting to access a panel that is locked will open a dialog requesting administrative permissions. Normally, your own username and password would be required but logging in as root and leaving the password field blank will bypass this prompt with ease.

Before you go trying this on your own Mac, realize that doing so creates a root level account that must be disabled to prevent future exploits from taking advantage of it. The vulnerability was publicly reported by Lemi Orhan Ergin on Twitter.

This exploit is best achieved with physical access to a machine running version 10.13.1 but there is no reason why this could not be automated and executed remotely if code execution is possible. A regular user has full control over any Mac with this vulnerability in place.

Given the nature of this security issue, be very careful about who has physical access to your machine. Taking advantage of the problem requires no skill, so anyone can do as they please with your hardware.

As a temporary fix, you can intentionally create the root account and then reset its password to a secure password. This may not fully secure your system against further exploits but it may be better than doing nothing at all.
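
A check to run alongside the temporary fix above, added here as an example and not part of the original article: it classifies the root account as enabled or disabled from the text `dscl` prints for the root record. The output shapes it matches and the two sample records are assumptions constructed for illustration, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Input is the text printed by:
#   dscl . -read /Users/root Password AuthenticationAuthority
# Assumption: a disabled root shows "Password: *" and no AuthenticationAuthority
# key; an enabled root carries a ShadowHash AuthenticationAuthority entry.

# Constructed sample records (not captured from a real machine).
SAMPLE_DISABLED='No such key: AuthenticationAuthority
Password: *'
SAMPLE_ENABLED='AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>
Password: ********'

classify_root_record() {
    # $1 = dscl output text. Prints: enabled | disabled | unknown
    record=$1
    if printf '%s\n' "$record" | grep -q 'ShadowHash'; then
        echo enabled
    elif printf '%s\n' "$record" | grep -q '^Password: \*$'; then
        echo disabled
    else
        echo unknown
    fi
}

report() {
    case $(classify_root_record "$1") in
        enabled)
            # If nobody enabled root on purpose, treat this as a sign the
            # prompt was bypassed; either way set a strong password.
            echo "root is ENABLED: set a strong password with 'sudo passwd root'" ;;
        disabled)
            echo "root is disabled: on 10.13.1, enable it with a password ('dsenableroot')" ;;
        *)
            echo "root status unknown: inspect the record manually" ;;
    esac
}

if command -v dscl >/dev/null 2>&1; then
    # On a Mac: evaluate the live record.
    report "$(dscl . -read /Users/root Password AuthenticationAuthority 2>&1)"
else
    # Elsewhere: walk through the constructed samples.
    report "$SAMPLE_DISABLED"
    report "$SAMPLE_ENABLED"
fi
```

An "enabled" result on a machine where nobody deliberately enabled root is worth investigating before the password is reset.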


 
you can intentionally create the root account and then reset its password to a secure password. This may not fully secure your system against further exploits but it may be better than doing nothing at all.

Correct -- create the account and then give it a good password.

BTW: Before you overreact:
  • Windows has a similar exposure in activating the Administrator account
  • having physical access to the machine is usually a requirement not easily circumvented
  • most of the time, a null password is not allowed for the Admin or Root account -- apparently this time it's not the case :sigh:
 
I regularly activate the Vista/7/8/8.1/10 Administrator account and, sure, it should NEVER be used for general use. How you get access to it is easy (with the knowledge) but not available to the normal user, and you need access to an administrator command line to activate it.

The all-access Administrator account is for solving problems, needed and risky in some hands.

BTW I always deactivate it after I've done the task I needed it to do.
 