Shimo VPN service contains six unpatched vulnerabilities, Talos discovers



Written by

A series of vulnerabilities in virtual private network service Shimo’s Helper Tool, a popular app used to connect multiple VPNs for Mac operating systems, would make it possible for hackers to obtain root control, according to research published Monday by Cisco’s Talos research team.

Researchers detailed six vulnerabilities in the Shimo VPN Helper Tool that relies on to carry out its privileged work, according to a blog post. Details of the vulnerabilities were released after Cisco made “repeated attempts” to communicate with Shimo over 90 days to no avail, Talos said.

Shimo did not immediately respond to a request for comment from CyberScoop.

One vulnerability, listed as CVE-2018-4004, is a privilege escalation vulnerability that resides in the Shimo VPN helper’s disconnectService function, and would allow a “non-root user to kill privileged processes on the system.” Another, CVE-2018-4007, resides in the deleteConfig functionality and “could allow an attacker to delete any protected file on the system.” Shimo VPN version is known to be vulnerable, according to Cisco.

All of the vulnerabilities listed require an attacker to have local access to a device. A complete list of vulnerabilities and technical details is available on Cisco’s Talos blog.

This disclosure comes after the U.S. Department of Homeland Security on Friday alerted the public to a flaw in multiple enterprise VPN apps that could give hackers access to other apps running on a VPN connection, as CyberScoop reported. The issue involves insecure cookie storage in memory or log files. DHS said the vulnerability was present in apps made by Cisco, F5 Networks, Palo Alto Networks and Pulse Secure, though Carnegie Mellon University’s CERT Coordination Center said other VPN apps likely were affected.

Users rely on VPNs to protect their location and shield their internet activity at times when they might be especially vulnerable. Hackers, by breaching VPNs, can exploit the trust users place in VPNs for their own gain, either to steal business secrets, conduct espionage or for other purposes.

Shimo is advertised as the “Fort Knox of VPNs” in part because the company follows the “highest security standards,” according to its website.

-In this Story-

Cisco Talos, Shimo VPN, virtual private network (VPN)