CVE-2018-7311
PrivateVPN 2.0.31 for macOS contains a root privilege escalation via a privileged helper launched as a LaunchDaemon with an XPC service. The helper executes the openvpn binary located under /Applications/PrivateVPN.app/Contents/Resources to establish VPN connections; the binary can be overwritten...