Lucene search
K
McafeeTotal Protection

26 matches found

CVE
CVE
added 2021/02/10 10:25 a.m.1015 views

CVE-2021-23874

CVE-2021-23874 affects McAfee Total Protection (MTP) versions prior to 16.0.30. The vulnerability is an Arbitrary Process Execution leading to local privilege escalation and code execution by a local user, bypassing MTP self-defense. Affected component: MTP privilege management; root cause: impro...

8.2CVSS8.1AI score0.01026EPSS
In wild
CVE
CVE
added 2020/06/10 7:29 a.m.148 views

CVE-2019-3617

CVE-2019-3617 affects McAfee Total Protection (ToPS) for macOS prior to 4.6. A local user can escalate privileges to root due to incorrect protection of temporary files. Vulnerable component is ToPS for Mac OS; root-level impact is stated. Exploitation details are not provided in the supplied doc...

8.2CVSS8AI score0.00308EPSS
CVE
CVE
added 2019/09/13 1:5 p.m.128 views

CVE-2019-3646

CVE-2019-3646 affects Microsoft Windows client components of McAfee Total Protection (MTP) Free Antivirus Trial, up to and including version 16.0.R18. It is described as a DLL search order hijacking vulnerability that allows a local attacker with administrator rights to cause arbitrary code execu...

6.9CVSS6.6AI score0.01479EPSS
CVE
CVE
added 2020/07/03 1:25 p.m.78 views

CVE-2020-7282

CVE-2020-7282 affects McAfee Total Protection (MTP) prior to 16.0.R26. A local attacker can escalate privileges and delete files by exploiting symbolic-link manipulation that redirects a McAfee delete action to an unintended file, using a malicious script or program on the target machine. A fix e...

7.5CVSS6.3AI score0.00307EPSS
CVE
CVE
added 2020/07/03 1:30 p.m.70 views

CVE-2020-7283

CVE-2020-7283 is a privilege-escalation issue affecting McAfee Total Protection (MTP) prior to 16.0.R26. The vulnerability arises from symbolic link manipulation that lets a local attacker, who can run a malicious script/program on the target, create and edit files in locations they normally cann...

8.8CVSS7.9AI score0.00616EPSS
CVE
CVE
added 2023/03/21 12:0 a.m.65 views

CVE-2023-25134

Summary: CVE-2023-25134 affects McAfee Total Protection prior to 16.0.50. An adversary with full administrative access can modify a McAfee-specific COM in the Windows Registry, enabling loading of a malicious payload. Affected product/version: McAfee Total Protection pre-16.0.50. Root cause: insu...

6.7CVSS6.3AI score0.00261EPSS
CVE
CVE
added 2021/10/26 9:40 p.m.64 views

CVE-2021-23877

CVE-2021-23877 concerns the Windows trial installer of McAfee Total Protection (MTP) prior to version 16.0.34_x. The issue enables a local user to escalate privileges by replacing a specific temporary file created during installation, potentially allowing code execution with admin privileges. Aff...

7.8CVSS7.2AI score0.00358EPSS
CVE
CVE
added 2021/02/10 10:20 a.m.61 views

CVE-2021-23873

CVE-2021-23873 affects McAfee Total Protection (MTP) prior to version 16.0.30. The vulnerability is a local privilege escalation via manipulation of directory junctions in the QuickClean component, allowing a local attacker to gain SYSTEM privileges and perform arbitrary file deletions, potential...

7.8CVSS6.6AI score0.00654EPSS
CVE
CVE
added 2023/03/13 12:0 a.m.61 views

CVE-2023-24579

CVE-2023-24579 concerns McAfee Total Protection prior to 16.0.51. The vulnerability allows a local attacker to trick a user into uninstalling the product via the command prompt. The description does not include specific exploit details, affected components, or remediation steps in the provided do...

7.8CVSS5.5AI score0.00244EPSS
CVE
CVE
added 2009/04/30 8:0 p.m.60 views

CVE-2009-1348

CVE-2009-1348 affects McAfee antivirus products (VirusScan, Total Protection, Internet Security, SecurityShield for ISA Server/SharePoint, Security for Email Servers/Email Gateway, Active Virus Defense, etc.). The issue is a virus-detection bypass caused by malformed archive metadata in ZIP/RAR f...

7.6CVSS6.7AI score0.02835EPSS
CVE
CVE
added 2023/03/13 12:0 a.m.60 views

CVE-2023-24578

CVE-2023-24578 affects McAfee Total Protection prior to 16.0.49. The root cause is DLL sideloading in the product, allowing a local, low-privilege user to elevate privileges and perform unauthorized tasks. Affected software is McAfee Total Protection; the issue is tied to DLL search path handling...

5.5CVSS5.5AI score0.00254EPSS
CVE
CVE
added 2022/11/22 12:0 a.m.59 views

CVE-2022-43751

CVE-2022-43751 affects McAfee Total Protection prior to version 16.0.49. The issue is an uncontrolled search path element caused by a variable pointing to a subdirectory that may be controlled by an unprivileged user, potentially allowing arbitrary code execution with system privileges. Documente...

7.8CVSS7.8AI score0.0022EPSS
CVE
CVE
added 2019/11/13 8:55 a.m.58 views

CVE-2019-3648

CVE-2019-3648 is a local privilege-escalation in McAfee Total Protection for Windows (client) affecting 16.0.R22 and earlier. The root cause is privilege-protected file placements that allow an administrator to execute arbitrary code. Impact is local code execution with elevated privileges if a a...

7.2CVSS6.6AI score0.00661EPSS
CVE
CVE
added 2020/12/01 8:50 a.m.58 views

CVE-2020-7335

CVE-2020-7335 affects McAfee Total Protection for Windows prior to 16.0.29. The flaw is a local privilege escalation via manipulation of a folder using a junction link, exploiting a timing-related protection gap. Impact is elevated privileges (local user) with full system access in some vectors; ...

7.8CVSS7.5AI score0.00432EPSS
CVE
CVE
added 2020/07/03 1:25 p.m.56 views

CVE-2020-7281

This CVE affects McAfee Total Protection (MTP) before version 16.0.R26. The issue is a local privilege-escalation where an attacker can cause a McAfee delete operation to target an unintended file by manipulating symbolic links, via running a malicious script/program on the target. The root cause...

7.5CVSS6.3AI score0.00248EPSS
CVE
CVE
added 2021/02/10 10:25 a.m.56 views

CVE-2021-23876

CVE-2021-23876 affects McAfee Total Protection (MTP) prior to version 16.0.30. The vulnerability is a local bypass of Remote Procedure Call that allows a local user to gain SYSTEM privileges and perform arbitrary file modifications, potentially causing denial of service via malware execution. Evi...

7.8CVSS7.8AI score0.0043EPSS
CVE
CVE
added 2018/04/03 10:0 p.m.54 views

CVE-2017-4028

CVE-2017-4028 describes a registry misconfiguration vulnerability that affects all Microsoft Windows products within McAfee consumer and corporate offerings. The underlying issue is manipulation of registry parameters to inject arbitrary code into a debugged McAfee process, granting local access ...

5CVSS5AI score0.00537EPSS
CVE
CVE
added 2019/10/28 2:23 p.m.54 views

CVE-2019-3636

McAfee Total Protection Windows client (versions up to 16.0.R21) is affected by CVE-2019-3636, a local File Masquerade vulnerability that lets an attacker read the plaintext list of AV-Scan exclusion files from the Windows registry and potentially replace excluded files with malware without detec...

7.8CVSS7.4AI score0.00225EPSS
CVE
CVE
added 2020/08/05 8:55 p.m.54 views

CVE-2020-7298

CVE-2020-7298 affects McAfee Total Protection (MTP) prior to 16.0.R26. The vulnerability allows a local attacker to disable real-time scanning by supplying a specially crafted object that triggers a specific function call. Publicly available documents confirm the affected product and the basic im...

8.4CVSS7.5AI score0.00293EPSS
CVE
CVE
added 2020/08/21 8:30 a.m.53 views

CVE-2020-7310

CVE-2020-7310 describes a privilege-escalation flaw in the installer of McAfee Total Protection (MTP) trial before version 4.0.161.1. The issue arises from manipulating symbolic links to redirect McAfee file operations to an unintended file, enabling local users to modify files governed by write-...

6.9CVSS6.7AI score0.00293EPSS
CVE
CVE
added 2021/05/12 9:0 a.m.53 views

CVE-2021-23872

Summary: CVE-2021-23872 affects McAfee Total Protection (MTP) — File Lock component. **Root cause:**Privilege escalation by manipulating a symbolic link through the IOCTL interface. Impact: local user gains elevated privileges (confidentiality, integrity, and availability impact rated High). Affe...

7.8CVSS7.6AI score0.00426EPSS
CVE
CVE
added 2023/03/13 12:0 a.m.51 views

CVE-2023-24577

CVE-2023-24577 : McAfee Total Protection prior to 16.0.50 is affected by an improper link resolution issue via registry keys, enabling local privilege escalation for users with lower privileges. The vulnerability is tied to the product’s handling of registry keys, resulting in the ability to elev...

5.5CVSS5.5AI score0.00284EPSS
CVE
CVE
added 2019/01/28 6:0 p.m.48 views

CVE-2019-3593

CVE-2019-3593 tracks a privilege/trust vulnerability in the Windows client of McAfee Total Protection (MTP) before version 16.0.R18 . The issue allows local attackers to bypass the product’s self‑protection, tamper with policies and product files, and uninstall McAfee software via specially craft...

7.5CVSS6.7AI score0.00347EPSS
CVE
CVE
added 2020/10/14 8:55 a.m.47 views

CVE-2020-7330

CVE-2020-7330 affects McAfee Total Protection (MTP) trial versions before 4.0.176.1. Multiple sources describe a privilege-escalation flaw where a local user can schedule tasks that invoke malware to execute with elevated privileges by editing environment variables. Root cause centers on environm...

8.8CVSS8.1AI score0.00267EPSS
CVE
CVE
added 2019/01/23 3:0 p.m.44 views

CVE-2019-3587

CVE-2019-3587 applies to the Windows client of McAfee Total Protection (MTP) prior to version 16.0.18 . The vulnerability is a DLL Search Order Hijacking issue that enables local code execution when a user runs from a compromised folder. Affected product: McAfee Total Protection (Windows client)....

7.2CVSS6.8AI score0.01373EPSS
CVE
CVE
added 2021/05/12 9:0 a.m.44 views

CVE-2021-23891

McAfee Total Protection (MTP) before version 16.0.32 contains a local privilege escalation vulnerability. A local user can impersonate a client token to bypass MTP self-defense and gain elevated privileges. Affected component: token/auth handling within MTP. Root cause: impersonation of a client ...

7.8CVSS7.7AI score0.00342EPSS