CactusVPN for MacOS
Root Privilege Escalation | setuid
CactusVPN for MacOS < 5.3.6
The CactusVPN for MacOS contains a root privilege escalation vulnerability through a setuid root binary called runme. The binary takes a single command line argument and passes this to a
system() call, thus allowing low privileged users to execute commands as root.
CactusVPN has remediated the vulnerability.
Vendor contacted via Twitter
Vendor contacted via Facebook
Vendor response and disclosure
Vendor responded that team is working on update
VerSprite confirmed the ETA release of the patched sofware
Vendor sent patched software for validation
VerSprite validated the vulnerability had been fixed
Vendor notified of advisory release