The vulnerability of the com.privat.vpn.helper component of the software for accessing VPN services, PrivateVPN, allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the com.privat.vpnhelper component, which implements the XPC service for accessing the PrivateVPN service, is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with root privileges...