cpe:/a:haystacksoftware:arq:5.10 CVE-2017-16928 2018-01-31T15:29:00.493-05:00 2019-10-02T20:03:26.223-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2018-02-13T23:39:32.423-05:00 EXPLOIT-DB 43925 MISC http://packetstormsecurity.com/files/146158/Arq-5.10-Local-Privilege-Escalation.html MISC https://m4.rkw.io/blog/two-local-root-privesc-bugs-in-arq-backup--510.html The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip.