Vulnerabilities > CVE-2018-6822 - Unspecified vulnerability in Purevpn

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
purevpn
critical

Summary

In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root.

Vulnerable Configurations

Part Description Count
Application
Purevpn
1