Obdev: >> Little Snitch >> 4.3.1 Security Vulnerabilities
Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root.
CVSS Score
8.8
EPSS Score
0.006
Published
2020-06-30
Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. The privileged helper tool implements an XPC interface which is available to any process and allows directory listings and copying files as root.
CVSS Score
5.5
EPSS Score
0.0
Published
2019-08-23