According to The Verge, one way to thwart this low likelihood but high impact vulnerability is to change the root account password on your Mac. Type "root" with no password, and simply try that several times until the system relents and lets you in.
Today, it was discovered that there's a major security vulnerability in the latest version of macOS, High Sierra. Changing the root password is the workaround for now. Select Open Directory Utility click the lock icon in the Directory Utility window then enter your admin name and password again. Click on the lock in the lower left of the menu to make changes. After plugging in "root" as our username and no password, it took two clicks to gain access to Users & Groups settings on a High Sierra system. It also appears to be active in the beta version of MacOS 10.13.2.
Business Insider was able to replicate the bug on Tuesday.
The bug is quite similar to Apple's "root user" login feature as it might function if enabled by default and with a blank password.
At the login screen, click "Other". You really shouldn't leave your Mac unattended at all until Apple fixes this, and you should shut off guest access for your device. A spokesperson for Apple was not immediately available for comment. Quartz wasn't able to recreate the login bug, but was able to edit who has access to a computer in System Preferences on a Mac running macOS High Sierra 10.13.1.
Once in the "Join" menu, click on "Open Directory Utility". If you do not already have a Root User enabled, you'll have to head over to that same Apple Support link as we've quoted above, and enable as such. Yes, using root with no password works here too. The good news is that it's simple to patch this hole right now, without waiting for a software update from Apple.