82 matches found
CVE-2018-4007
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the deleteConfig functionality. The program is able to delete any protected file on the system. An attacker would need local access to the machine to successfully exploit the bug...
CVE-2018-4004
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the disconnectService functionality. A non-root user is able to kill any privileged process on the system. An attacker would need local access to the machine for a successful exploit...
Privilege escalation
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the disconnectService functionality. A non-root user is able to kill any privileged process on the system. An attacker would need local access to the machine for a successful exploit...
CVE-2018-4006
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the writeConfig functionality. A non-root user is able to write a file anywhere on the system. A user with local access can use this vulnerability to raise their privileges to root. An attacker wou...
CVE-2018-4006
CVE-2018-4006 concerns Shimo VPN 4.1.5.1: a privilege-escalation flaw in the helper tool’s writeConfig function. A non-root user with local access can write a file anywhere on the system and, through this, escalate privileges to root. The issue arises from the helper service running with elevated...
CVE-2018-4004
CVE-2018-4004 is a privilege-escalation vulnerability in the Shimo VPN helper service, specifically the disconnectService function, on macOS Shimo VPN 4.1.5.1. A non-root local user can terminate a privileged process by supplying a targeted PID, enabling privilege escalation. The issue arises fro...
CVE-2018-4004
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the disconnectService functionality. A non-root user is able to kill any privileged process on the system. An attacker would need local access to the machine for a successful exploit...
CVE-2018-4005
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the configureRoutingWithCommand function. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine for a successful...
CVE-2018-4005
The CVE-2018-4005 entry affects Shimo VPN 4.1.5.1, specifically the helper service’s configureRoutingWithCommand function. Cisco Talos documents a local-privilege-escalation flaw in the helper tool, enabling a non-privileged user with local access to escalate to root by abusing the function to ru...
CVE-2018-4007
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the deleteConfig functionality. The program is able to delete any protected file on the system. An attacker would need local access to the machine to successfully exploit the bug...
CVE-2018-4007
The CVE-2018-4007 entry is supported by multiple connected sources (notably TALOS-2018-0676) detailing a privilege escalation in Shimo VPN 4.1.5.1. The vulnerability resides in the helper service’s deleteConfig function, where a non-privileged caller can trigger deletion of any protected file bec...
PT-2019-10744 · Feingeist · Shimo Vpn
Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the helper service, specifically in the disconnectService functionality. This allows a non-root user to kill any privileged process on the system. An attacker needs...
PT-2019-10745 · Feingeist · Shimo Vpn
Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the helper service, specifically in the configureRoutingWithCommand function. This allows a user with local access to elevate their privileges to root. An attacker...
PT-2019-10746 · Shimo · Shimo Vpn
Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the Shimo VPN helper service, specifically in the writeConfig functionality. This allows a non-root user to write a file anywhere on the system, potentially enablin...
PT-2019-10747 · Feingeist Software Gmbh · Shimo Vpn
Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the helper service of Shimo VPN, specifically in the deleteConfig functionality, allowing the program to delete any protected file on the system. An attacker would...
Shimo VPN Input Validation Error Vulnerability
Shimo VPN is a VPN Virtual Private Network software based on macOS platform. An input validation error vulnerability exists in the disconnectService function of the assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that does not properly...
Shimo VPN elevation of privilege vulnerability (CNVD-2019-22623)
Shimo VPN is a VPN virtual private network software for macOS platforms An elevation of privilege vulnerability vulnerability exists in the 'configureRoutingWithCommand' function of the Assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that...
Shimo VPN Denial of Service Vulnerability
Shimo VPN is a VPN Virtual Private Network software based on macOS platform. A denial of service vulnerability exists in the deleteConfig function of the Assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that does not properly validate incomi...
Shimo VPN Elevation of Privilege Vulnerability
Shimo VPN is a VPN Virtual Private Network software based on macOS platform. An elevation of privilege vulnerability exists in the writeConfig function of the Assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that does not properly validate...
CVE-2018-4008
An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...