eVisitorPass Local Privilege Escalation via Virtual Keyboard Help Dialog

eVisitorPass Local Privilege Escalation via Virtual Keyboard Help Dialog

CVE-2018-17495 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to launch the command prompt.

Learn more about our Cis Benchmark Audit For Apple Ios.