CVE-2018-18859

Name of the Vulnerable Software and Affected Versions LiquidVPN client versions through 1.37 for macOS

Description The issue allows an attacker to communicate with an unprotected XPC service, enabling the execution of arbitrary OS commands as root or the loading of a potentially malicious kernel extension. This is possible because com.smr.liquidvpn.OVPNHelper uses the value of the tun path or tap path pathname in a kextload() call.

Recommendations For LiquidVPN client versions through 1.37 for macOS, consider restricting access to the com.smr.liquidvpn.OVPNHelper service to minimize the risk of exploitation. As a temporary workaround, avoid using the tun path or tap path parameters in the affected service until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.