CVE-2018-6823

CVE: CVE-2018-6823
Published: 2018-02-07T16:29Z
Description Language: en
Description: In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root.
References:
https://github.com/VerSprite/research/blob/master/advisories/VS-2018-001.md