MacKeeper | Security Research Advisory | VerSprite MacKeeper | Security Research Advisory | VerSprite

Home  |  Research  |  Resources  |  Advisories  |  MacKeeper

MacKeeper

Privilege Escalation

CVE ID

CVE-2018-10171

VENDOR

KromTech

PRODUCT

MacKeeper

Product version

3.20.4

Vulnerability Details

MacKeeper suffers from a root privilege escalation vulnerability through its com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shell scripts as the root user.

Learn More →

Vendor response

Vendor released update

Disclosure timeline

02-23-2018 - Vendor notified via email
02-23-2018 - Vendor notified via Facebook
02-23-2018 - Vendor response via email
02-26-2018 - Vendor disclosure
02-26-2018 - Vendor response
02-26-2018 - VerSprite Security provides detailed vulnerability guidance
03-08-2018 - Vendor followup
03-08-2018 - Vendor response and followup
03-08-2018 - VerSprite Security extends advisory release timeline
04-11-2018 - VerSprite Security verifies vulnerability resolution
04-16-2018 - Vendor notified of the advisory release

Digging up the Past: OS X File Versioning

Digging up the Past: OS X File Versioning

Blog Post

Digging up the Past: OS X File Versioning

Privacy Risk

IPVanish for MacOS vulnerability

IPVanish for MacOS

Advisory

IPVanish for MacOS

MacOS

NordVPN for MacOS vulnerability

NordVPN for MacOS

Advisory

NordVPN for MacOS

MacOS

    Back to Advisory Main         Visit Resource Library    

Offensive Minded Security Exploit Development

Learn More

arrow right

We are an international squad of professionals working as one.

logos

Copyright 2021 VerSprite - All Rights Reserved