Root Privilege Escalation
Shimo for MacOS < 220.127.116.11
The Shimo VPN Client for MacOS's com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root.
Learn More →
Mailbutler GmbH responded stating their developer would review.
01-29-2018 - Contacted Shimno Support 01-29-2018 - Contacted Mailbutler GmbH at [email protected] 01-29-2018 - Received automated response from support system 02-02-2018 - No response Shimno Support 02-02-2018 - No response Mailbutler GmbH 02-07-2018 - Advisory released 02-09-2018 - Mailbutler GmbH response
Offensive Minded Security Exploit Development