exploitDog

CVE-2018-16962

Опубликовано: 12 сент. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges.

Ссылки

http://answers.webroot.com/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=2022
Vendor Advisory
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2018-009/?fid=11720
Exploit
Third Party Advisory
https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-16962--Webroot-SecureAnywhere-macOS-Kernel-Level-Memory-Corruption/
Exploit
Third Party Advisory
http://answers.webroot.com/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=2022
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:webroot:secureanywhere:*:*:*:*:*:*:*:*

Версия до 9.0.8.34 (исключая)

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00653

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-123

Связанные уязвимости

GHSA-g76p-q66j-mc8v

CVSS3: 7.8

github

больше 3 лет назад

Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges.

EPSS

Процентиль: 70%

0.00653

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-123