VYPR
Unrated severity · NVD Advisory · Published Mar 5, 2018 · Updated Aug 5, 2024

CVE-2018-7493

Description

CactusVPN through 6.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CactusVPN for macOS ≤6.0 contains a root privilege escalation via a vulnerable XPC interface in its privileged helper tool.

Vulnerability

CactusVPN for macOS versions through 6.0 contain a root privilege escalation vulnerability in the application’s privileged helper tool. The helper tool implements an XPC interface that lets any application execute system commands with root privileges. No authentication or specific configuration is required; the interface is accessible to any local process [1].
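The missing control described above is peer validation on the helper's XPC listener. The sketch below is an added example, not CactusVPN's code or the vendor's fix: the Mach service name, bundle identifier, team ID and the `HelperProtocol` method are hypothetical placeholders.

```objective-c
#import <Foundation/Foundation.h>

// Hypothetical interface: one narrow, typed operation instead of a method
// that takes a command string from the client.
@protocol HelperProtocol
- (void)setTunnelEnabled:(BOOL)enabled withReply:(void (^)(BOOL ok))reply;
@end

@interface Helper : NSObject <NSXPCListenerDelegate, HelperProtocol>
@end

@implementation Helper
- (BOOL)listener:(NSXPCListener *)listener
        shouldAcceptNewConnection:(NSXPCConnection *)conn {
    // On its own, a delegate like this accepts every local process.
    // The code signing requirement set in main() is what filters peers:
    // unsigned or foreign clients are rejected before this method runs.
    conn.exportedInterface =
        [NSXPCInterface interfaceWithProtocol:@protocol(HelperProtocol)];
    conn.exportedObject = self;
    [conn resume];
    return YES;
}

- (void)setTunnelEnabled:(BOOL)enabled withReply:(void (^)(BOOL))reply {
    // Privileged work goes here, using fixed arguments chosen by the helper.
    reply(YES);
}
@end

int main(void) {
    @autoreleasepool {
        Helper *helper = [Helper new];
        NSXPCListener *listener = [[NSXPCListener alloc]
            initWithMachServiceName:@"com.example.vpn.helper"]; // placeholder
        listener.delegate = helper;
        if (@available(macOS 13.0, *)) {
            // Only clients signed by the expected team with the expected
            // identifier may connect (placeholder values).
            [listener setConnectionCodeSigningRequirement:
                @"anchor apple generic and identifier \"com.example.vpn\" "
                @"and certificate leaf[subject.OU] = \"EXAMPLETEAM\""];
        } else {
            return 1; // refuse to serve when peers cannot be validated
        }
        [listener resume];
        [[NSRunLoop currentRunLoop] run];
    }
    return 0;
}
```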

Exploitation

An attacker with local non-root access to the system can send crafted XPC messages to the privileged helper tool, which then executes arbitrary system commands as root. No additional user interaction is needed beyond running the malicious application on the same machine [1].

Impact

Successful exploitation results in full root-level code execution on the affected macOS host. The attacker gains complete control over the operating system, including the ability to install software, modify system files, and access any user data [1].

Mitigation

The vendor released an update to address the vulnerability; fixed versions are available from CactusVPN. Users should upgrade to the latest version (6.0 or later is reportedly fixed per the disclosure timeline, though the advisory states versions before 6.0 are affected). No workaround is documented. The vulnerability is not listed on CISA’s Known Exploited Vulnerabilities catalog (as of this writing) [1].

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

References

1
