CactusVPN for MacOS | Security Research Advisory | VerSprite CactusVPN for MacOS | Security Research Advisory | VerSprite

Home  |  Research  |  Resources  |  Advisories  |  CactusVPN for MacOS

CactusVPN for MacOS

Root Privilege Escalation | setuid

CVE ID

CVE-2018-7281

VENDOR

CactusVPN

PRODUCT

CactusVPN

Product version

CactusVPN for MacOS < 5.3.6

Vulnerability Details

The CactusVPN for MacOS contains a root privilege escalation vulnerability through a setuid root binary called runme. The binary takes a single command line argument and passes this to a system() call, thus allowing low privileged users to execute commands as root.

Vendor response

CactusVPN has remediated the vulnerability.

Disclosure timeline

02-16-2018 - Vendor contacted via Twitter
02-16-2018 - Vendor contacted via Facebook
02-16-2018 - Vendor response and disclosure
02-17-2018 - Vendor responded that team is working on update
02-20-2018 - VerSprite confirmed the ETA release of the patched sofware
02-20-2018 - Vendor sent patched software for validation
02-21-2018 - VerSprite validated the vulnerability had been fixed
02-21-2018 - Vendor notified of advisory release

Offensive Minded Security Exploit Development

We are an international squad of professionals working as one.

logos