Описание
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:switchvpn:switchvpn:2.1012.03:*:*:*:*:macos:*:*
EPSS
Процентиль: 62%
0.00424
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
EPSS
Процентиль: 62%
0.00424
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
NVD-CWE-noinfo