PT-2018-17758 · Purevpn · Purevpn
Benjamin Watson
+1
·
Published
2018-02-07
·
Updated
2020-05-11
·
CVE-2018-6822
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
PureVPN version 6.0.1
Description
The issue concerns an unprotected XPC service in the HelperTool LaunchDaemon of PureVPN on macOS. This unprotected service can be exploited to execute system commands with root privileges.
Recommendations
For PureVPN version 6.0.1, consider disabling the HelperTool LaunchDaemon until a patch is available to prevent potential exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Purevpn