Are there any security vulnerabilities that would allow an attacker to change the admin password

With macOS Catalina and many recent macOS - the built in tools guide everyone how to reset admin permissions without needing any of the single user mode boot tricks of old (left at the bottom for posterity and people running OS that were shipped before 2015)

Now - follow the official Apple triage steps: https://support.apple.com/en-us/HT202860

Instead of single user mode, boot to recovery and use the Terminal Utility. Then you can remove the .AppleSetupDone file from:

/Volumes/Macintosh\ HD\ -\ Data/private/var/db 

There are many ways to reset the login password without installation media, here are three:

Change the password in single user mode

1. Hold ⌘+S on startup
2. mount -uw / (fsck -fy is not needed)
3. launchctl load /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist (or /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist in 10.6)
4. dscl . passwd /Users/username (without a trailing slash) and enter a new password. You can ignore the error about com.apple.DirectoryServices.plist.
5. reboot

Create a new admin account

1. Hold ⌘+S on startup
2. mount -uw / (fsck -fy is not needed)
3. rm /var/db/.AppleSetupDone
4. reboot
5. Go through the steps of creating a new account. You can leave all fields in the personal information step blank.
6. After logging in to the new account, go to the Users & Groups preference pane
7. Select the old account, press the Reset Password... button, and enter a new password

Restart and enter Recovery mode (for 10.7 Lion and newer OS only)

1. Hold ⌘+R on startup
2. Open Terminal from the Utilities menu
3. Type resetpassword and follow the instructions

Using iCloud Recovery Mode (10.9.x & newer)

1. After incorrectly entering a user password three times at the Mac login screen, a message appears saying "If you forgot your password, you can reset it using your Apple ID"
2. Click the arrow button to bring up a "Reset Password" dialog
3. Enter the Apple ID login information that is tied to the OS X user account and click “Reset Password”
4. Click “OK” to confirm the new keychain creation
5. Enter and verify a new password, fill out the password hint field, and again click on “Reset Password”
6. Click “Continue Log In” to login as the user account with the reset password

In Terminal.app type passwd, this will prompt you to enter a password for your account.

Another way is to Go into Users & Groups in System Prefereneces... and click on change password if possible. Not sure in the case of a blank password if that button will be active or greyed, since I never faced this situation before.