### Overview
A command injection vulnerability can be used in the Perimeter81 macOS application to run arbitrary commands with administrative privileges.
### Description
At the time, the latest Perimeter81 MacOS application (10.0.0.19) suffers from local privilege escalation vulnerability inside its com.perimeter81.osx.HelperTool. This HelperTool allows main application to setup things which require administrative privileges such as VPN connection, changing routing table, etc.
By combining insufficient checks of an XPC connection and creating a dictionary with the key “usingCAPath” a command can be appended within that value to be run with administrative privileges.
### Impact
By exploiting the vulnerability, attackers can run arbitrary commands with administrative privileges.
### Solution
The CERT/CC is currently unaware of a practical solution to this problem.
### Acknowledgements
Thanks to Erhad Husovic who also published vulnerability details via https://www.ns-echo.com/posts/cve_2023_33298.html
This document was written by Ben Koo.
### Vendor Information
653767
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
### Perimeter81 Unknown
Notified: 2023-05-16 Updated: 2023-07-20 **CVE-2023-33298**| Unknown
—|—
#### Vendor Statement
We have not received a statement from the vendor.
### References
*
*
### Other Information
**CVE IDs:** | [CVE-2023-33298 ]()
—|—
**API URL: ** | VINCE JSON | CSAF
**Date Public:** | 2023-07-20
**Date First Published:** | 2023-07-20
**Date Last Updated: ** | 2023-07-20 18:25 UTC
**Document Revision: ** | 1Read More