Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2018-16962

Published: 12/09/2018 Updated: 08/09/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Webroot

Vulnerability Summary

Webroot SecureAnywhere prior to 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

webroot secureanywhere

Recent Articles

Kernel sanders: Webroot vuln creates route to root Macs
The Register • John Leyden • 14 Sep 2018

Patched flaw hard to exploit, but serious once you get there, warn infoseccers Webroot antivirus goes bananas, starts trashing Windows system files

Details of a locally exploitable but kernel-level flaw in Webroot's SecureAnywhere macOS security software were revealed yesterday, months after the bug was patched. The fact that the memory corruption bug (CVE-2018-16962) is locally exploitable limited its utility to black hats. If it was the only tool in their kit, it would be of little use to your average bad guy. The hacker would have to be either already logged into a vulnerable Mac themselves or have passed the point where they had already...

Read more...

References

CWE-123http://answers.webroot.com/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=2022https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2018-009/?fid=11720https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-16962--Webroot-SecureAnywhere-macOS-Kernel-Level-Memory-Corruption/https://nvd.nist.govhttps://www.theregister.co.uk/2018/09/14/webroot_macos_vuln/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120CVE-2024-35921CVE-2024-35874brute forceCVE-2024-36080unprivilegedCVE-2024-35917IDORCVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook