1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Security researchers found 'critical' flaw in IPVanish Mac VPN ap

    From TechnologyDaily@1337:1/100 to All on Thursday, March 05, 2026 11:45:35
    Security researchers found 'critical' flaw in IPVanish Mac VPN app here's
    all you need to know

    Date:
    Thu, 05 Mar 2026 11:39:48 +0000

    Description:
    A newly discovered high-severity vulnerability in the IPVanish macOS app allows local attackers to hijack the VPN's background processes, granting
    them root privileges without the user ever knowing.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Get the TechRadar Newsletter Sign up for
    breaking news, reviews, opinion, top tech deals, and more. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful An account already exists for this email address, please log in. Subscribe to our newsletter Security researchers found a critical flaw in the IPVanish Mac VPN app The
    bug can allow attackers to gain full control over a user's system IPVanish said to be "working on a fix," ensuring only OpenVPN is impacted A "critical privilege escalation vulnerability" has been discovered in the IPVanish VPN application for macOS, potentially allowing malicious actors to gain full control over a user's system.

    Discovered by cybersecurity researchers at SecureLayer7 , the flaw exploits the VPNs "privileged helper tool," a background component used to manage secure network connections. The researchers found that this tool only makes very limited efforts to verify who is asking to run commands. As a result,
    the bug "allows any unprivileged local process to execute arbitrary code as root without user interaction," experts warn. While IPVanish is a well-known name often compared to the best VPN services, the vulnerability has been assigned a severity score of 8.8 (High) and listed as "pending." You may like IPVanish launches Threat Protection Pro to stop malware even when youre not connected Security researchers warn Telegram links can doxx you even with a VPN What is IPVanish's Threat Protection tool and how can it keep me safer online?

    In a statement to TechRadar, a spokesman for IPVanish said the team is aware of the vulnerability with OpenVPN in the Mac VPN app and is "working on a
    fix" that will be released as soon as possible.

    "All macOS users will receive an automatic prompt to update to the latest version," said IPVanish, adding that customers who have never used OpenVPN
    are not affected.

    " WireGuard is the default protocol for new installations, meaning users who have only used the standard configuration wont be impacted," IPVanish added. What's IPVanish Mac vulnerability is about The vulnerability centers on how the IPVanish app communicates with its background "helper" tool for the OpenVPN protocol (the OpenVPNPath parameter). In macOS, these helper tools
    act like system administrators with top-level privileges to change important settings.

    According to the SecureLayer7 report , the problem is that this helper tool acts like a security guard who never checks IDs. It listens for instructions but only makes very limited efforts to verify who or what is sending them.

    In practice, this leaves the door wide open. Any app or program running on your Mac can send commands to this powerful helper. Because the tool doesn't make all the necessary checks to confirm that the request is coming from a safe or trusted source, malicious software can easily use it to gain total control over the computer. (Image credit: SecureLayer7) Researchers
    identified two main ways hackers can abuse this, both resulting "in the attackers script running as root," warn experts. What to read next IPVanish launches Threat Protection Pro to stop malware even when youre not connected Security researchers warn Telegram links can doxx you even with a VPN What
    is IPVanish's Threat Protection tool and how can it keep me safer online?

    First, an attacker can simply trick the OpenVPNPath parameter into launching
    a malicious program instead of the normal VPN software.

    The second method is even more concerning because it bypasses Apple's strict, built-in security guards. Normally, your Mac stops unapproved or dangerous software from running. However, the IPVanish's OpenVPNPath appears to have a major logic flaw: it only checks a file's safety signature if the file is already labeled as a running program (an "executable").

    Hackers can easily get around this by disguising their malicious code inside
    a harmless, non-running file. The IPVanish helper sees the harmless label, assumes it's safe, and skips the security check. Then, in a major blunder,
    the helper tool moves the file to a secure area and actually changes the file's settings itself, turning it into a running program and doing the hacker's job for them. Staying safe It is important to emphasize that this is a Local Privilege Escalation (LPE) vulnerability. This means a hacker cannot exploit this bug remotely over the internet just by knowing your IP address . The attack "requires only local access to the system where IPVanish VPN is installed," meaning a hacker must already have a foothold on your machine via malware or physical access.

    SecureLayer7 states that fixing this will require significant changes to the app's architecture. "The most critical immediate mitigation is implementing caller authentication in the XPC event handler," the firm advises.

    On their side, IPVanish ensures that only macOS users connecting to the OpenVPN protocol are impacted by this vulnerability.

    Yet, until IPVanish releases a patch, users should remain vigilant.

    "If a customer has used OpenVPN, please open the macOS Desktop software,
    click Settings, Protocol, and select OpenVPN. You will see a section called ' OpenVPN Driver '; please click the ' Uninstall ' button below that. This will solve the vulnerability before the upcoming release," IPVanish explains. Today's best VPN deals NordVPN 2 Year 2.59 /mth View +3 months free Surfshark 24 Months 1.49 /mth View Proton VPN 2.39 /mth View We check over 250 million products every day for the best prices Follow TechRadar on Google News and
    add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!



    ======================================================================
    Link to news story: https://www.techradar.com/vpn/vpn-privacy-security/security-researchers-found- critical-flaw-in-ipvanish-mac-vpn-app-heres-all-you-need-to-know


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)