Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file at.obdev.littlesnitchd.plist
which gets installed to /Library/LaunchDaemons
.
Credit to Patrick Wardle (synack.com) for discovering this issue.