Vulnerabilities > CVE-2018-16962 - Write-what-where Condition vulnerability in Webroot Secureanywhere
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://answers.webroot.com/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=2022
- https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2018-009/?fid=11720
- https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-16962--Webroot-SecureAnywhere-macOS-Kernel-Level-Memory-Corruption/