Main Vulnerability Database Vulnerabilities #VU8246

#VU8246 Privilege escalation in Xamarin.iOS - CVE-2017-8665

Published: August 14, 2017 / Updated: September 14, 2018

Vulnerability identifier: #VU8246

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2017-8665

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: Public exploit is available

Vulnerable software:
Xamarin.iOS

Software vendor:
Microsoft

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists in the Xamarin.iOS update component due to improper handling of directories and binaries. A local attacker can gain root privileges and execute arbitrary code.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8665

#VU8246 Privilege escalation in Xamarin.iOS - CVE-2017-8665

Description

Remediation

External links

Please verify you're human