Unprotected XPC Service in PureVPN 6.0.1 on macOS Allows Root-Level Command Execution
CVE-2018-6822 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root.
Learn more about our Cis Benchmark Audit For Apple Macos.