Root Privilege Escalation Vulnerability | XPC
CactusVPN for MacOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root.
Learn More →
Vendor has released an update.
02-21-2018 - Vendor disclosure 02-23-2018 - Vendor response 02-27-2018 - Vendor submitted update for testing 03-02-2018 - VerSprite validated the vulnerability had been fixed 03-05-2018 - Vendor released update 03-05-2018 - Vendor notified of advisory release
Offensive Minded Security Exploit Development