Root Privilege Escalation
VPN Unlimited for MacOS
VPN Unlimited for MacOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root.
VPN Unlimited team is reviewing.
03-04-2018 - Vendor disclosure via email 03-04-2018 - Vendor notified via Facebook 03-05-2018 - Vendor response and follow up 03-06-2018 - Vendor requested additional information, POC and follow up 03-08-2018 - VerSprite provided vendor with additional information and POC 03-09-2018 - Vendor response 03-13-2018 - Vendor notified of diclosure schedule 03-14-2018 - Vendor notified of advisory release
Offensive Minded Security Exploit Development