EIP-2026-104599

PRE-CVE

HideMyAss Pro VPN Client for OS X 2.2.7.0 - Local Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104599. PoCs published by Han Sahin.

AI-analyzed exploit summary: The advisory details multiple local privilege escalation vulnerabilities in the HMAHelper binary of HideMyAss Pro VPN for OS X, which is installed setuid root. The helper allows arbitrary command execution as root due to insufficient validation in the FirewallDisable function, enabling local attackers to escalate privileges.

Description

HideMyAss Pro VPN Client for OS X 2.2.7.0 - Local Privilege Escalation

Exploits (1)

exploitdb WRITEUP
by Han Sahin · text · local · osx
https://www.exploit-db.com/exploits/41951

Classification: Writeup 95%
Attack Type: LPE
Complexity: Trivial
Reliability: Reliable
Target: HideMyAss Pro VPN for OS X version 2.2.7.0
No auth needed
Prerequisites: Local access to the system · Presence of the vulnerable HMAHelper binary
devstral-2 · analyzed Feb 18, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026