Root Privilege Escalation Vulnerability in Kromtech MacKeeper 3.20.4
CVE-2018-10171 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper` component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shell scripts as the root user.
Learn more about our User Device Pen Test.