Local Privilege Escalation Vulnerability in eVisitorPass via Fullscreen Button

Local Privilege Escalation Vulnerability in eVisitorPass via Fullscreen Button

CVE-2018-17493 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program and launch other processes on the system.

Learn more about our Cis Benchmark Audit For Apple Ios.