CVE-2021-31833

Potential product security bypass vulnerability in McAfee Application and Change Control MACC prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by...

CVE-2021-31833

CVE-2021-31833 affects McAfee Application and Change Control (MACC) prior to 8.3.4. The vulnerability allows a locally logged-in attacker to bypass MACC’s solidification protection and run applications that would normally be blocked. Exploitation, as described in multiple sources, requires renami...

CVE-2020-7334 Improper privilege assignment vulnerability in the installer component of MACC

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control MACC prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further...

CVE-2020-7260

DLL Side Loading vulnerability in the installer for McAfee Application and Change Control MACC prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder...

CVE-2020-7260 MACC installer DLL side loading

DLL Side Loading vulnerability in the installer for McAfee Application and Change Control MACC prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder...

CVE-2020-7260

CVE-2020-7260 describes a DLL side-loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to version 8.3, enabling local users to run arbitrary code by executing from a compromised folder. The issue is rooted in DLL loading during installation, with impact l...

ICSA-18-345-01 McAfee SINAMICS PERFECT HARMONY GH180

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: McAfee Equipment: SINAMICS PERFECT HARMONY GH180 Vulnerability: Improper Access Control 2. RISK EVALUATION These files can be executed to compromise the HMI, and by extension, the drive system. 3. TECHNICAL DETAILS...

CVE-2018-6690

Summary of CVE-2018-6690 (MACC): McAfee Application and Change Control (MACC) on Windows clients is affected by an improper access control flaw that enables an authenticated user to trigger execution of arbitrary code when transferring files from an external system via USB. The vulnerability affe...

CVE-2017-3912

The vulnerability CVE-2017-3912 affects McAfee Application and Change Control (MACC) versions 6.2.0 and 7.0.1. A local attacker can bypass password authentication in the software’s password management feature and, via a command-line utility, execute arbitrary commands on the affected system. The ...

CVE-2018-6690 McAfee Application Control (MAC) - Whitelist bypass using a hard drive solidified by MACC

Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control MACC 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system...

CVE-2017-3912 McAfee Application Control and Change Control (MACC) - password management security feature bypass (SFB) leading to an authentication bypass

Bypassing password security vulnerability in McAfee Application and Change Control MACC 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility...