CVE-2018-7716

EPSS 0.7%
Veröffentlicht 05.03.2018 23:29:00
Zuletzt bearbeitet 21.11.2024 04:12:35
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC service extracts the config string from the corresponding XPC message. This string is supposed to point to an internal OpenVPN configuration file. If a new connection has not already been established, an attacker can send the XPC service a malicious XPC message with the config string pointing at an OpenVPN configuration file that he or she controls. In the configuration file, an attacker can specify a dynamic library plugin that should run for every new VPN connection. This plugin will execute code in the context of the root user.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Privatevpn ≫ Privatevpn Version2.0.31 SwPlatformmacos

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.7%	0.711

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://github.com/VerSprite/research/edit/master/advisories/VS-2018-006.md

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-7716

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-7716

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-7716

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2018-7716