2 matches found
CVE-2018-7716
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC service extracts the...
CVE-2018-7716
PrivateVPN for macOS (v2.0.31) suffers a root privilege escalation via its com.privat.vpn.helper XPC service. The XPC interface accepts a config string that should reference an internal OpenVPN configuration, but an attacker can send a malicious XPC message directing the service to a config file ...