[VS-2018-001] Shimo VPN Client for MacOS Root Privilege Escalation Vulnerability

CVE ID

CVE-2018-6823

CVSS Score

https://nvd.nist.gov/vuln/detail/CVE-2018-6823

Vendor

Mailbutler GmbH

Product

Shimo for MacOS < 4.1.5.1

Vulnerability Details

The Shimo VPN Client's com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root.

Exploit

https://github.com/VerSprite/research/tree/master/exploits/VS-2018-001

Vendor Response

Mailbutler GmbH responded stating their developer would review.

Disclosure Timeline

01-29-2018 - Contacted Shimno Support
01-29-2018 - Contacted Mailbutler GmbH at support@mailbutler.io
01-29-2018 - Received automated response from support system
02-02-2018 - No response Shimno Support
02-02-2018 - No response Mailbutler GmbH
02-07-2018 - Advisory released
02-09-2018 - Mailbutler GmbH response

Credit

Benjamin Watson of VerSprite Security (@rotlogix)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

VS-2018-001.md

VS-2018-001.md

[VS-2018-001] Shimo VPN Client for MacOS Root Privilege Escalation Vulnerability

CVE ID

CVSS Score

Vendor

Product

Vulnerability Details

Exploit

Vendor Response

Disclosure Timeline

Credit

Files

VS-2018-001.md

Latest commit

History

VS-2018-001.md

File metadata and controls

[VS-2018-001] Shimo VPN Client for MacOS Root Privilege Escalation Vulnerability

CVE ID

CVSS Score

Vendor

Product

Vulnerability Details

Exploit

Vendor Response

Disclosure Timeline

Credit