Total Protection Security Vulnerabilities and Issues — Total Protection CVE List

Lucene search

McafeeTotal Protection

15 matches found

CVE•added 2020/07/03 2:15 p.m.•62 views

CVE-2020-7282

Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious s...

7.5CVSS6.3AI score0.00048EPSS

CVE•added 2021/10/26 10:15 p.m.•48 views

CVE-2021-23877

Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protection (MTP) prior to 16.0.34_x may allow a local user to run arbitrary code as the admin user by replacing a specific temporary file created during the installation of the trial version of MTP.

7.8CVSS7.2AI score0.00027EPSS

CVE•added 2019/11/13 9:15 a.m.•45 views

CVE-2019-3648

A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.

7.2CVSS6.6AI score0.00168EPSS

CVE•added 2023/03/13 1:15 p.m.•45 views

CVE-2023-24579

McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt.

7.8CVSS5.5AI score0.00044EPSS

CVE•added 2020/12/01 9:15 a.m.•44 views

CVE-2020-7335

Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link. This exploits a lack of protection through a timing issue and is only exploi...

7.8CVSS7.5AI score0.00042EPSS

CVE•added 2021/02/10 11:15 a.m.•44 views

CVE-2021-23873

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file deletion as the SYSTEM user potentially causing Denial of Service via manipulating Junction link, after enumerating certain files, at a spe...

7.8CVSS6.6AI score0.00097EPSS

CVE•added 2022/11/23 12:15 a.m.•44 views

CVE-2022-43751

McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system pri...

7.8CVSS7.8AI score0.00074EPSS

CVE•added 2020/07/03 2:15 p.m.•43 views

CVE-2020-7281

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious...

7.5CVSS6.3AI score0.00029EPSS

CVE•added 2009/04/30 8:30 p.m.•42 views

CVE-2009-1348

The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invali...

7.6CVSS6.7AI score0.00449EPSS

CVE•added 2021/05/12 9:15 a.m.•40 views

CVE-2021-23872

Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface.

7.8CVSS7.6AI score0.00042EPSS

CVE•added 2021/02/10 11:15 a.m.•39 views

CVE-2021-23876

Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware.

7.8CVSS7.8AI score0.00034EPSS

CVE•added 2019/10/28 3:15 p.m.•37 views

CVE-2019-3636

A File Masquerade vulnerability in McAfee Total Protection (MTP) version 16.0.R21 and earlier in Windows client allowed an attacker to read the plaintext list of AV-Scan exclusion files from the Windows registry, and to possibly replace excluded files with potential malware without being detected.

7.8CVSS7.4AI score0.00063EPSS

CVE•added 2019/01/28 6:0 p.m.•36 views

CVE-2019-3593

Exploitation of Privilege/Trust vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.R18 allows local users to bypass product self-protection, tamper with policies and product files, and uninstall McAfee software without permission via specially crafted malware.

7.5CVSS6.7AI score0.00043EPSS

CVE•added 2019/01/23 3:29 p.m.•31 views

CVE-2019-3587

DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.18 allows local users to execute arbitrary code via execution from a compromised folder.

7.2CVSS6.8AI score0.00436EPSS

CVE•added 2021/05/12 9:15 a.m.•30 views

CVE-2021-23891

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.

7.8CVSS7.7AI score0.00042EPSS