7.8

CVE-2018-18860

Exploit
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SwitchvpnSwitchvpn Version2.1012.03 SwPlatformmacos
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.18% 0.637
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://packetstormsecurity.com/files/150323/SwitchVPN-For-MacOS-2.1012.03-Privilege-Escalation.html
Third Party Advisory
Exploit
VDB Entry
http://seclists.org/fulldisclosure/2018/Nov/38
Third Party Advisory
Exploit
Mailing List
https://www.exploit-db.com/exploits/45854/
Third Party Advisory
Exploit
VDB Entry