CVE-2017-17809

https://nvd.nist.gov/vuln/detail/CVE-2017-17809

Golden Frog

VyprVPN for MacOS < 2.15.0.5828

The VyprVPN's vyprvpnservice launch daemon has an unprotected XPC service that allows attackers to update the underlying OpenVPN configuration and the arguments passed to OpenVPN binary when executed. An attacker can abuse this vulnerability by forcing the VyprVPN application to load a malicious dynamic library every time a new connection is made.

https://github.com/VerSprite/research/tree/master/exploits/VS-2017-007

Golden Frog accepted and remediated the vulnerability

• 2017-12-08 - Contacted Gold Frog Support and asked to be put in touch with a security resource for the disclosure process
• 2017-12-08 - Golden Frog Supported responded requesting details about the vulnerability
• 2017-12-08 - Responded to Gold Frog Support with the requested details
• 2017-12-08 - Golden Frog Support asked that the details be forwarded to product@goldenfrog.com, I complied
• 2017-12-11 - A Golden Frog technical representative asked for the vulnerability details again, I complied
• 2017-12-13 - The Golden Frog technical representative informed me they had a fix and asked for a proof of concept
• 2017-12-15 - The Golden Frog technical representative apprised me they would be scheduling a product update for the following week
• 2017-12-20 - The VyprVPN for MacOS update is made available
• 2017-12-20 - Advisory is released

Benjamin Watson of VerSprite Security (@rotlogix)