EIP-2026-103372

PRE-CVE

HideMyAss Pro VPN Client for macOS 3.x - Local Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103372. PoCs published by Han Sahin.

AI-analyzed exploit summary The exploit leverages a local privilege escalation vulnerability in HideMyAss Pro VPN v3.3.0.3 for macOS by replacing the openvpn binary with a malicious script, which is then executed with root privileges due to improper signature checks.

Description

HideMyAss Pro VPN Client for macOS 3.x - Local Privilege Escalation

Exploits (1)

exploitdb WORKING POC

by Han Sahin · textlocalmacos

https://www.exploit-db.com/exploits/41952

View Code ZIP pw:eip

The exploit leverages a local privilege escalation vulnerability in HideMyAss Pro VPN v3.3.0.3 for macOS by replacing the openvpn binary with a malicious script, which is then executed with root privileges due to improper signature checks.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: HideMyAss Pro VPN v3.3.0.3 for macOS

No auth needed

Prerequisites: Access to the target system · Ability to replace the openvpn binary

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1059.006 - Python

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026