CVE-2018-6823

2018-02-07T16:29:00
ID CVE-2018-6823
Type cve
Reporter cve@mitre.org
Modified 2018-03-13T16:36:00

Description

In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root.