VPN Unlimited for MacOS | Security Research Advisory | VerSprite VPN Unlimited for MacOS | Security Research Advisory | VerSprite

Home  |  Research  |  Resources  |  Advisories  |  VPN Unlimited for MacOS

VPN Unlimited for MacOS

Root Privilege Escalation

CVE ID

CVE-2018-8739

VENDOR

Keep Solid

PRODUCT

VPN Unlimited for MacOS

Product version

< 4.2.0

Vulnerability Details

VPN Unlimited for MacOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root.

Learn More →

Vendor response

VPN Unlimited team is reviewing.

Disclosure timeline

03-04-2018 - Vendor disclosure via email
03-04-2018 - Vendor notified via Facebook
03-05-2018 - Vendor response and follow up
03-06-2018 - Vendor requested additional information, POC and follow up
03-08-2018 - VerSprite provided vendor with additional information
and POC
03-09-2018 - Vendor response
03-13-2018 - Vendor notified of diclosure schedule
03-14-2018 - Vendor notified of advisory release

Digging up the Past: OS X File Versioning

Digging up the Past: OS X File Versioning

Blog Post

Digging up the Past: OS X File Versioning

Privacy Risk

IPVanish for MacOS vulnerability

IPVanish for MacOS

Advisory

IPVanish for MacOS

MacOS

MacKeeper vulnerability

MacKeeper

Advisory

MacKeeper

MacOS

    Back to Advisory Main         Visit Resource Library    

Offensive Minded Security Exploit Development

Learn More

arrow right

We are an international squad of professionals working as one.

logos

Copyright 2021 VerSprite - All Rights Reserved