Root Privilege Escalation Vulnerability in Kromtech MacKeeper 3.20.4

Root Privilege Escalation Vulnerability in Kromtech MacKeeper 3.20.4

CVE-2018-10171 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper` component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shell scripts as the root user.

Learn more about our User Device Pen Test.