Google Updater for MacOS CVE-2018-6084 Local Privilege Escalation Vulnerability



Google Updater for MacOS is prone to a local privilege-escalation vulnerability.
A local attacker can exploit this issue to gain elevated privileges; this may aid in launching further attacks.

Information

Bugtraq ID: 103468
Class: Serialization Error
CVE: CVE-2018-6084

Remote: No
Local: Yes
Published: Mar 21 2018 12:00AM
Updated: Mar 21 2018 12:00AM
Credit: ianbeer of Google Project Zero.
Vulnerable: Google Updater 2.4.2432.1652
Google Updater 2.4.1536.6592
Google Updater 0


Not Vulnerable:

Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.


References:

Related Posts

Comments