Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-23877

Summary
Assigner-trellix
Assigner Org ID-01626437-bf8f-4d1c-912a-893b5eb04808
Published At-26 Oct, 2021 | 21:40
Updated At-03 Aug, 2024 | 19:14
Rejected At-
Credits

McAfee Total Protection (MTP) - Privilege Escalation vulnerability

Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protection (MTP) prior to 16.0.34_x may allow a local user to run arbitrary code as the admin user by replacing a specific temporary file created during the installation of the trial version of MTP.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:trellix
Assigner Org ID:01626437-bf8f-4d1c-912a-893b5eb04808
Published At:26 Oct, 2021 | 21:40
Updated At:03 Aug, 2024 | 19:14
Rejected At:
▼CVE Numbering Authority (CNA)
McAfee Total Protection (MTP) - Privilege Escalation vulnerability

Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protection (MTP) prior to 16.0.34_x may allow a local user to run arbitrary code as the admin user by replacing a specific temporary file created during the installation of the trial version of MTP.

Affected Products
Vendor
McAfee, LLCMcAfee
Product
McAfee Total Protection (MTP)
Versions
Affected
  • From unspecified before 16.0.34 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-269CWE-269 Improper Privilege Management
Type: CWE
CWE ID: CWE-269
Description: CWE-269 Improper Privilege Management
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS103215
x_refsource_MISC
Hyperlink: https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS103215
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS103215
x_refsource_MISC
x_transferred
Hyperlink: https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS103215
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:trellixpsirt@trellix.com
Published At:26 Oct, 2021 | 22:15
Updated At:07 Nov, 2023 | 03:30

Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protection (MTP) prior to 16.0.34_x may allow a local user to run arbitrary code as the admin user by replacing a specific temporary file created during the installation of the trial version of MTP.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
McAfee, LLC
mcafee
>>total_protection>>Versions before 16.0.34(exclusive)
cpe:2.3:a:mcafee:total_protection:*:*:*:*:free_trial:*:*:*
Weaknesses
CWE IDTypeSource
CWE-269Primarynvd@nist.gov
CWE-269Secondarytrellixpsirt@trellix.com
CWE ID: CWE-269
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-269
Type: Secondary
Source: trellixpsirt@trellix.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS103215trellixpsirt@trellix.com
N/A
Hyperlink: https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS103215
Source: trellixpsirt@trellix.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

843Records found
CVE-2021-23874
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-8.2||HIGH
EPSS-0.83% / 73.63%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 10:25
Updated-30 Jul, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
McAfee Total Protection (MTP) privilege escalation vulnerability

Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense.

Action-Not Available
Vendor-McAfee, LLC
Product-total_protectionMcAfee Total Protection (MTP)McAfee Total Protection (MTP)
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-23893
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-8.8||HIGH
EPSS-0.03% / 5.45%
||
7 Day CHG~0.00%
Published-01 Oct, 2021 | 09:25
Updated-03 Aug, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in McAfee Drive Encryption (MDE)

Privilege Escalation vulnerability in a Windows system driver of McAfee Drive Encryption (DE) prior to 7.3.0 could allow a local non-admin user to gain elevated system privileges via exploiting an unutilized memory buffer.

Action-Not Available
Vendor-McAfee, LLC
Product-drive_encryptionMcAfee Drive Encryption (MDE)
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-23880
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.38%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 09:15
Updated-16 Sep, 2024 | 22:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Access Control in the ENS installer

Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.

Action-Not Available
Vendor-McAfee, LLC
Product-endpoint_securityEndpoint Security (ENS) for Windows
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-23891
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.72%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 09:00
Updated-03 Aug, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in McAfee Total Protection (MTP)

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.

Action-Not Available
Vendor-McAfee, LLC
Product-total_protectionMcAfee Total Protection (MTP)
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7289
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.57%
||
7 Day CHG~0.00%
Published-08 May, 2020 | 12:40
Updated-17 Sep, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in MAR for Windows

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Windows prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

Action-Not Available
Vendor-McAfee, LLCMicrosoft Corporation
Product-windowsactive_responseMcAfee Active Response (MAR) for Windows
CWE ID-CWE-274
Improper Handling of Insufficient Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7285
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-08 May, 2020 | 12:35
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in MVISION Endpoint

Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.5.0.94 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

Action-Not Available
Vendor-McAfee, LLC
Product-mvision_endpointMcAfee MVISION Endpoint
CWE ID-CWE-274
Improper Handling of Insufficient Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7254
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.7||HIGH
EPSS-0.10% / 28.25%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 11:00
Updated-16 Sep, 2024 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation in Advanced Threat Defense

Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command.

Action-Not Available
Vendor-McAfee, LLC
Product-advanced_threat_defenseMcAfee Advanced Threat Defense (ATD)
CWE ID-CWE-264
Not Available
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7280
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.74%
||
7 Day CHG~0.00%
Published-10 Jun, 2020 | 11:52
Updated-16 Sep, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symbolic Link vulnerability during DAT update

Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent.

Action-Not Available
Vendor-McAfee, LLC
Product-virusscan_enterpriseMcAfee VirusScan Enterprise (VSE)
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7288
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-08 May, 2020 | 12:40
Updated-17 Sep, 2024 | 03:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in EDR for Mac

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Mac prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

Action-Not Available
Vendor-McAfee, LLCApple Inc.
Product-endpoint_detection_and_responsemacosMcAfee Exploit Detection and Response (EDR) for Mac
CWE ID-CWE-274
Improper Handling of Insufficient Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7287
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-08 May, 2020 | 12:40
Updated-16 Sep, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in EDR for Linux

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Linux prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

Action-Not Available
Vendor-Linux Kernel Organization, IncMcAfee, LLC
Product-endpoint_detection_and_responselinux_kernelMcAfee Exploit Detection and Response (EDR) for Linux
CWE ID-CWE-274
Improper Handling of Insufficient Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7290
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-08 May, 2020 | 12:45
Updated-17 Sep, 2024 | 00:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in MAR for Linux

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Linux prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

Action-Not Available
Vendor-Linux Kernel Organization, IncMcAfee, LLC
Product-active_responselinux_kernelMcAfee Active Response (MAR) for Linux
CWE ID-CWE-274
Improper Handling of Insufficient Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7286
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-08 May, 2020 | 12:35
Updated-16 Sep, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in EDR for Windows

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

Action-Not Available
Vendor-McAfee, LLCMicrosoft Corporation
Product-windowsendpoint_detection_and_responseMcAfee Exploit Detection and Response (EDR) for Windows
CWE ID-CWE-274
Improper Handling of Insufficient Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7291
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-08 May, 2020 | 12:45
Updated-16 Sep, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability MAR for Mac

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Mac prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

Action-Not Available
Vendor-McAfee, LLCApple Inc.
Product-active_responsemacosMcAfee Active Response (MAR) for Mac
CWE ID-CWE-274
Improper Handling of Insufficient Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-1823
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.9||HIGH
EPSS-0.17% / 39.15%
||
7 Day CHG~0.00%
Published-20 Jun, 2022 | 10:15
Updated-03 Aug, 2024 | 00:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
McAfee MCPR privilege escalation

Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code, through not correctly checking the integrity of the configuration file.

Action-Not Available
Vendor-McAfee, LLC
Product-consumer_product_removal_toolMcAfee Consumer Product Removal Tool
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-1256
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.31%
||
7 Day CHG~0.00%
Published-14 Apr, 2022 | 13:45
Updated-02 Aug, 2024 | 23:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Privilege Management in McAfee Agent for Windows

A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges through manipulation of symbolic links.

Action-Not Available
Vendor-McAfee, LLC
Product-agentMcAfee Agent for Windows
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-3585
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7||HIGH
EPSS-0.04% / 9.66%
||
7 Day CHG~0.00%
Published-10 Jun, 2020 | 11:42
Updated-16 Sep, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
VSE Escalation of Privileges through Alert pop-up window

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.

Action-Not Available
Vendor-McAfee, LLC
Product-virusscan_enterpriseMcAfee VirusScan Enterprise (VSE)
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-31833
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.1||HIGH
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-04 Jan, 2022 | 09:45
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match name of any configured updater and perform a specific set of steps, resulting in the renamed binary to be to run.

Action-Not Available
Vendor-McAfee, LLC
Product-application_and_change_controlMcAfee Application and Change Control (MACC)
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-23887
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.45%
||
7 Day CHG~0.00%
Published-15 Apr, 2021 | 07:55
Updated-03 Aug, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation in McAfee DLP Endpoint for Windows

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver.

Action-Not Available
Vendor-McAfee, LLC
Product-data_loss_prevention_endpointMcAfee Data Loss Prevention (DLP) Endpoint for Windows
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-37025
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.25%
||
7 Day CHG+0.03%
Published-18 Aug, 2022 | 12:23
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code due to lack of an integrity check of the configuration file.

Action-Not Available
Vendor-n/aMcAfee, LLC
Product-security_scan_plusn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-23876
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.08%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 10:25
Updated-03 Aug, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
McAfee Total Protection (MTP) Bypass Remote Procedure call vulnerability

Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware.

Action-Not Available
Vendor-McAfee, LLC
Product-total_protectionMcAfee Total Protection (MTP)
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7274
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-6.6||MEDIUM
EPSS-0.11% / 30.57%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 11:30
Updated-16 Sep, 2024 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ENS elevated permissions vulnerability

Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).

Action-Not Available
Vendor-McAfee, LLC
Product-endpoint_securityMcAfee Endpoint Security (ENS)
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7259
Matching Score-10
Assigner-Trellix
ShareView Details
Matching Score-10
Assigner-Trellix
CVSS Score-6.6||MEDIUM
EPSS-0.04% / 10.23%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 11:55
Updated-17 Sep, 2024 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unsigned executable vulnerability in ENS can be used to bypass intended self-protection rules

Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file

Action-Not Available
Vendor-McAfee, LLC
Product-endpoint_securityMcAfee Endpoint Security (ENS)
CWE ID-CWE-264
Not Available
CWE ID-CWE-269
Improper Privilege Management
CVE-2000-0119
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.96% / 75.47%
||
7 Day CHG~0.00%
Published-08 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.

Action-Not Available
Vendor-n/aMcAfee, LLCSymantec Corporation
Product-virusscannorton_antivirusn/a
CVE-2018-6662
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.99%
||
7 Day CHG~0.00%
Published-05 Jun, 2018 | 14:00
Updated-16 Sep, 2024 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SB10232 - McAfee Management of Native Encryption (MNE) - Privilege Escalation vulnerability

Privilege Escalation vulnerability in McAfee Management of Native Encryption (MNE) before 4.1.4 allows local users to gain elevated privileges via a crafted user input.

Action-Not Available
Vendor-McAfee, LLCApple Inc.
Product-mac_os_xmanagement_of_native_encryptionMcAfee Management of Native Encryption (MNE)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-6705
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-2.3||LOW
EPSS-0.11% / 30.86%
||
7 Day CHG~0.00%
Published-12 Dec, 2018 | 20:00
Updated-05 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
McAfee Agent (MA) for Linux Privilege Escalation vulnerability

Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.

Action-Not Available
Vendor-McAfee, LLC
Product-agentMcAfee Agent (MA) for Linux
CWE ID-CWE-377
Insecure Temporary File
CVE-2018-6704
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-4.7||MEDIUM
EPSS-0.05% / 13.33%
||
7 Day CHG~0.00%
Published-12 Dec, 2018 | 20:00
Updated-05 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
McAfee Agent for Linux Privilege Escalation vulnerability

Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.

Action-Not Available
Vendor-McAfee, LLC
Product-agentMcAfee Agent (MA) for Linux
CWE ID-CWE-377
Insecure Temporary File
CVE-2018-6689
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-7||HIGH
EPSS-0.04% / 10.12%
||
7 Day CHG~0.00%
Published-03 Oct, 2018 | 12:00
Updated-05 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Data Loss Prevention Endpoint (DLPe) - Authentication Bypass vulnerability

Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions.

Action-Not Available
Vendor-McAfee, LLC
Product-data_loss_prevention_endpointData Loss Prevention Endpoint (DLPe)
CWE ID-CWE-287
Improper Authentication
CVE-2023-0978
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-6.4||MEDIUM
EPSS-0.15% / 35.79%
||
7 Day CHG~0.00%
Published-13 Mar, 2023 | 13:29
Updated-27 Feb, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI command. The vulnerability allows the attack

Action-Not Available
Vendor-Musarubra US LLC (Trellix)McAfee, LLC
Product-advanced_threat_defenseintelligent_sandboxTrellix Intelligent Sandbox
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2015-3987
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 22.54%
||
7 Day CHG~0.00%
Published-14 May, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aMcAfee, LLC
Product-epo_deep_commandn/a
CWE ID-CWE-426
Untrusted Search Path
CVE-2021-31837
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-8.8||HIGH
EPSS-0.07% / 20.58%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 13:45
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of bounds write vulnerability in McAfee GetSusp

Memory corruption vulnerability in the driver file component in McAfee GetSusp prior to 4.0.0 could allow a program being investigated on the local machine to trigger a buffer overflow in GetSusp, leading to the execution of arbitrary code, potentially triggering a BSOD.

Action-Not Available
Vendor-McAfee, LLC
Product-getsuspMcAfee GetSusp
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-23872
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.84%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 09:00
Updated-03 Aug, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in McAfee Total Protection (MTP)

Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface.

Action-Not Available
Vendor-McAfee, LLC
Product-total_protectionMcAfee Total Protection (MTP)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-23879
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 17.43%
||
7 Day CHG~0.00%
Published-15 Mar, 2021 | 18:40
Updated-17 Sep, 2024 | 03:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unquoted service path vulnerability in McAfee Endpoint Product Removal (EPR) Tool prior to 21.2 allows local administrators to execute arbitrary code, with higher-level privileges, via execution from a compromised folder. The tool did not enforce and ...

Unquoted service path vulnerability in McAfee Endpoint Product Removal (EPR) Tool prior to 21.2 allows local administrators to execute arbitrary code, with higher-level privileges, via execution from a compromised folder. The tool did not enforce and protect the execution path. Local admin privileges are required to place the files in the required location.

Action-Not Available
Vendor-McAfee, LLC
Product-endpoint_product_removal_toolEndpoint Product Removal Tool
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-7263
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 10.36%
||
7 Day CHG~0.00%
Published-01 Apr, 2020 | 06:40
Updated-16 Sep, 2024 | 23:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ENS configuration can be edited by attacker with local administrator permissions

Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of configuration for export and import.

Action-Not Available
Vendor-McAfee, LLC
Product-endpoint_securityEndpoint Security (ENS) for Window
CWE ID-CWE-264
Not Available
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-7346
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.31% / 53.37%
||
7 Day CHG~0.00%
Published-23 Mar, 2021 | 16:05
Updated-04 Aug, 2024 | 09:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation in McAfee DLP Endpoint for Windows

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time.

Action-Not Available
Vendor-McAfee, LLC
Product-data_loss_preventionMcAfee Data Loss Prevention (DLP) Endpoint for Windows
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-7250
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-8.2||HIGH
EPSS-0.09% / 27.03%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 12:45
Updated-16 Sep, 2024 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ENS symbolic link log file manipulation vulnerability

Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory.

Action-Not Available
Vendor-McAfee, LLC
Product-endpoint_securityMcAfee Endpoint Security (ENS)
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-7337
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 7.25%
||
7 Day CHG~0.00%
Published-09 Dec, 2020 | 08:40
Updated-16 Sep, 2024 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Permission Assignment for Critical Resource

Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.

Action-Not Available
Vendor-McAfee, LLC
Product-virusscan_enterpriseVirusScan Enterprise (VSE)
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-7316
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-6.6||MEDIUM
EPSS-0.06% / 17.45%
||
7 Day CHG~0.00%
Published-07 Oct, 2020 | 18:40
Updated-04 Aug, 2024 | 09:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File and Removable Media Protection update fixes one vulnerability

Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered.

Action-Not Available
Vendor-McAfee, LLC
Product-file_and_removable_media_protectionFile & Removable Media Protection (FRP)
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-7325
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 13.61%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 09:45
Updated-17 Sep, 2024 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in MVISION Endpoint

Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.

Action-Not Available
Vendor-McAfee, LLC
Product-mvision_endpointMVISION Endpoint
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-7331
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.32%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 09:40
Updated-16 Sep, 2024 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unquoted service executable path in McAfee Endpoint Security (ENS)

Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.

Action-Not Available
Vendor-McAfee, LLC
Product-endpoint_securityMcAfee Endpoint Security (ENS)
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-7326
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-6||MEDIUM
EPSS-0.05% / 15.50%
||
7 Day CHG~0.00%
Published-15 Oct, 2020 | 09:45
Updated-16 Sep, 2024 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
McAfee MAR - Improperly implemented security check

Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MAR failing open rather than closed

Action-Not Available
Vendor-McAfee, LLC
Product-active_responseMcAfee Active Response
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2020-7315
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-6||MEDIUM
EPSS-0.15% / 36.06%
||
7 Day CHG~0.00%
Published-10 Sep, 2020 | 09:55
Updated-16 Sep, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL Injection vulnerability in MA for Windows

DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL.

Action-Not Available
Vendor-McAfee, LLC
Product-mcafee_agentMA for Windows
CWE ID-CWE-426
Untrusted Search Path
CVE-2020-7284
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-8.6||HIGH
EPSS-0.05% / 13.79%
||
7 Day CHG~0.00%
Published-03 Jul, 2020 | 18:40
Updated-04 Aug, 2024 | 09:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Network Security Management (NSM) - Exposure of Sensitive Information

Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface (CLI).

Action-Not Available
Vendor-McAfee, LLC
Product-network_security_managementNetwork Security Management (NSM)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-25134
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.05%
||
7 Day CHG~0.00%
Published-21 Mar, 2023 | 00:00
Updated-28 Feb, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

McAfee Total Protection prior to 16.0.50 may allow an adversary (with full administrative access) to modify a McAfee specific Component Object Model (COM) in the Windows Registry. This can result in the loading of a malicious payload.

Action-Not Available
Vendor-n/aMcAfee, LLC
Product-total_protectionn/a
CVE-2023-24579
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.38%
||
7 Day CHG~0.00%
Published-13 Mar, 2023 | 00:00
Updated-03 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt.

Action-Not Available
Vendor-n/aMcAfee, LLC
Product-total_protectionn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2005-4505
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.21% / 44.05%
||
7 Day CHG~0.00%
Published-23 Dec, 2005 | 00:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.

Action-Not Available
Vendor-n/aMcAfee, LLC
Product-virusscan_enterprisecommon_management_agentn/a
CVE-2004-0831
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.93%
||
7 Day CHG~0.00%
Published-24 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges.

Action-Not Available
Vendor-n/aMcAfee, LLC
Product-virusscann/a
CVE-2022-0129
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-7.4||HIGH
EPSS-0.06% / 18.53%
||
7 Day CHG~0.00%
Published-11 Jan, 2022 | 17:10
Updated-02 Aug, 2024 | 23:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL Highjack vulnerability in McAfee TechCheck utility

Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.

Action-Not Available
Vendor-McAfee, LLC
Product-techcheckMcAfee TechCheck
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-0166
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.59%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 11:05
Updated-02 Aug, 2024 | 23:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation vulnerability in McAfee Agent

A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary code with SYSTEM privileges by creating the appropriate pathway to the specifically created malicious openssl.cnf file.

Action-Not Available
Vendor-McAfee, LLC
Product-agentMcAfee Agent for Windows
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-0859
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 8.79%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 14:20
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ePO database restoration vulnerability

McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server (restricted to administrators) and to know the SQL server password.

Action-Not Available
Vendor-McAfee, LLC
Product-epolicy_orchestratorMcAfee ePolicy Orchestrator (ePO)
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2019-3663
Matching Score-8
Assigner-Trellix
ShareView Details
Matching Score-8
Assigner-Trellix
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.21%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 23:50
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Advanced Threat Defense (ATD) - Unprotected storage of shared credentials vulnerability

Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details

Action-Not Available
Vendor-McAfee, LLC
Product-advanced_threat_defenseAdvanced Threat Defense (ATD)
CWE ID-CWE-522
Insufficiently Protected Credentials
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 16
  • 17
  • Next
Details not found