Vulnerability Description
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kernel extension because com.smr.liquidvpn.OVPNHelper uses the system function to execute the "openvpncmd" parameter as a shell command.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Liquidvpn | Liquidvpn | <= 1.37 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/150137/LiquidVPN-For-macOS-1.3.7-Privilege-ExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2018/Nov/1ExploitMailing ListThird Party Advisory
- https://www.exploit-db.com/exploits/45782/ExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/150137/LiquidVPN-For-macOS-1.3.7-Privilege-ExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2018/Nov/1ExploitMailing ListThird Party Advisory
- https://www.exploit-db.com/exploits/45782/ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2018-18856?
CVE-2018-18856 is a vulnerability with a CVSS score of 7.8 (HIGH). Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client through 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execut...
How severe is CVE-2018-18856?
CVE-2018-18856 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18856?
Check the references section above for vendor advisories and patch information. Affected products include: Liquidvpn Liquidvpn.