CVE-2018-4055

A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to read any root file from the file system. An attacker would need local access to the machine to successfully exploit this flaw.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
talosCNA
7.1 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
pixarrenderman
22.2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0729
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0729