MacOS root Authentication Bypass Direct check over VNC Server (unauthenticated)
Critical Nessus Plugin ID 104885
The remote host is running a version of macOS that is affected by a root authentication bypass vulnerability.
The remote host is running a version of macOS that has a root authentication bypass vulnerability. This plugin tries to exploit this vulnerability remotely over VNC protocol. If it is successful, a root user with blank password will be enabled. This check is only enabled if safe checks are disabled. If this plugin is successful, you will need to log in to the target box and disable the root account as well as patch the underlying vulnerability.
Apply the patch from Apple, or as a workaround, enable the root account and set a strong root account password.