HomeAdvisoriesVPN Unlimited for MacOS

VPN Unlimited for MacOS

Root Privilege Escalation

Previous AdvisoryNext Advisory

CVE ID

CVE-2018-8739

Vendor

Keep Solid

Product

VPN Unlimited for MacOS

Product Version

< 4.2.0

Vulnerability Details

VPN Unlimited for MacOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root.

Learn more

Vendor Response

VPN Unlimited team is reviewing.

Disclosure Timeline

04.03.2018
Vendor disclosure via email
04.03.2018
Vendor notified via Facebook
05.03.2018
Vendor response and follow up
06.03.2018
Vendor requested additional information, POC and follow up
08.03.2018
VerSprite provided vendor with additional information
and POC
09.03.2018
Vendor response
13.03.2018
Vendor notified of diclosure schedule
14.03.2018
Vendor notified of advisory release

Previous AdvisoryNext Advisory

Threat Modeling: A Comprehensive Guide

Offensive Security

DevSecOps

IRM Services

Threat Intelligence

Envisions Geopolitical Threat Report:

By Industry

Chrome Exploitation: How to easily launch a Chrome RCE+SBX exploit chain with one command

Security Resources

Who We Are

VPN Unlimited for MacOS

CVE ID

Vendor

Product

Product Version

Vulnerability Details

Vendor Response

Disclosure Timeline