In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Shimo | Mailbutler | * | 4.1.5.1 (excluding) |