PureVPN for MacOS

Root Privilege Escalation

Vendor

PureVPN

Product

PureVPN

Product Version

PureVPN for MacOS < 6.0.1

Vulnerability Details

The HelperTool LaunchDaemon in PureVPN for MacOS implements an unprotected XPC service that can be abused to execute system commands as root.
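
An XPC service in a privileged helper is protected when the listener verifies the connecting client's code signature before exporting any interface. The Objective-C listener below is an added example of that check, not PureVPN's code and not from the original advisory; the Mach service name, bundle identifier, team ID, protocol and method are hypothetical placeholders, and `auditToken` is an NSXPCConnection property absent from the public headers, declared here through a category.

```objective-c
// Added example; service name, bundle ID, team ID and protocol are hypothetical.
// Build: clang -fobjc-arc helper.m -framework Foundation -framework Security
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#import <bsm/libbsm.h>

// Not in the public headers. The audit token identifies the peer process itself,
// unlike a PID, which can be reused between connection and check.
@interface NSXPCConnection (AuditToken)
@property (nonatomic, readonly) audit_token_t auditToken;
@end

@protocol HelperProtocol
- (void)helperVersionWithReply:(void (^)(NSString *version))reply;
@end

// Only the vendor's own signed client satisfies this requirement (placeholder values).
static NSString *const kClientRequirement =
    @"anchor apple generic and identifier \"com.example.vpnclient\" "
    @"and certificate leaf[subject.OU] = \"TEAMID0000\"";

static BOOL ClientSatisfiesRequirement(NSXPCConnection *conn) {
    audit_token_t token = conn.auditToken;
    NSDictionary *attrs = @{ (__bridge NSString *)kSecGuestAttributeAudit :
                             [NSData dataWithBytes:&token length:sizeof(token)] };
    SecCodeRef code = NULL; SecRequirementRef req = NULL;
    BOOL ok =
        SecCodeCopyGuestWithAttributes(NULL, (__bridge CFDictionaryRef)attrs, kSecCSDefaultFlags, &code) == errSecSuccess &&
        SecRequirementCreateWithString((__bridge CFStringRef)kClientRequirement, kSecCSDefaultFlags, &req) == errSecSuccess &&
        SecCodeCheckValidity(code, kSecCSDefaultFlags, req) == errSecSuccess;
    if (code) CFRelease(code);
    if (req) CFRelease(req);
    return ok;
}

@interface HelperDelegate : NSObject <NSXPCListenerDelegate, HelperProtocol>
@end
@implementation HelperDelegate
- (BOOL)listener:(NSXPCListener *)listener shouldAcceptNewConnection:(NSXPCConnection *)conn {
    if (!ClientSatisfiesRequirement(conn)) return NO;  // refuse clients that fail the signature check
    conn.exportedInterface = [NSXPCInterface interfaceWithProtocol:@protocol(HelperProtocol)];
    conn.exportedObject = self;
    [conn resume];
    return YES;
}
// The exported protocol offers narrow, typed operations; the helper decides what runs.
- (void)helperVersionWithReply:(void (^)(NSString *))reply { reply(@"1.0"); }
@end

int main(void) {
    static HelperDelegate *delegate;  // static: listener.delegate is a weak reference
    delegate = [HelperDelegate new];
    NSXPCListener *listener = [[NSXPCListener alloc] initWithMachServiceName:@"com.example.vpn.helper"];
    listener.delegate = delegate;
    [listener resume];  // the LaunchDaemon plist must declare the same MachServices name
    [[NSRunLoop currentRunLoop] run];
}
```

On macOS 13 and later, `-[NSXPCListener setConnectionCodeSigningRequirement:]` applies the same requirement string through a public API.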

Vendor Response

PureVPN provided an updated, patched version for validation; however, the vulnerability appears to still be present.

Disclosure Timeline

  • Disclosed to PureVPN via support

  • Contacted PureVPN via contact form

  • Contacted PureVPN via Twitter

  • Disclosed to PureVPN via email

  • PureVPN confirmed they received the disclosure

  • PureVPN provided an updated file for testing

  • Patched version provided by PureVPN still contained vulnerability

  • Updated PureVPN, still waiting for a response