CVE-2019-12576

Name of the Vulnerable Software and Affected Versions London Trust Media Private Internet Access (PIA) VPN Client version v82 for macOS

Description A local, authenticated attacker could run arbitrary code with elevated privileges due to a vulnerability in the openvpn launcher binary, which is setuid root and executes several operating system utilities during the connection process. The vulnerability is exploited by creating a trojan networksetup utility, which is executed using relative paths, allowing a local unprivileged user to execute arbitrary commands as root. This is possible because the PATH environment variable is not reset prior to executing the OS utility.

Recommendations For London Trust Media Private Internet Access (PIA) VPN Client version v82 for macOS, consider disabling the execution of the networksetup utility until a patch is available, or restrict the PATH environment variable to prevent the execution of arbitrary commands.