MacKeeper
Privilege Escalation
CVE ID
Vendor
KromTech
Product
MacKeeper
Product Version
3.20.4
Vulnerability Details
MacKeeper suffers from a root privilege escalation vulnerability through its com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shell scripts as the root user.
Vendor Response
Vendor released update
Disclosure Timeline
-
Vendor notified via email
-
Vendor notified via Facebook
-
Vendor response via email
-
Vendor disclosure
-
Vendor response
-
VerSprite Security provides detailed vulnerability guidance
-
Vendor followup
-
Vendor response and followup
-
VerSprite Security extends advisory release timeline
-
VerSprite Security verifies vulnerability resolution
-
Vendor notified of the advisory release
