Lucene search
K
McafeeTrue Key

8 matches found

CVE
CVE
added 2018/04/02 1:0 p.m.71 views

CVE-2018-6661

CVE-2018-6661 : McAfee True Key contains a DLL side-loading privilege-escalation vulnerability. Affected: True Key prior to 4.20.110. Root cause: DLL signature not verified, enabling local users to gain elevated privileges by loading a crafted DLL. Impact: local privilege elevation as described i...

7.8CVSS7.4AI score0.00813EPSS
CVE
CVE
added 2019/02/13 5:0 p.m.70 views

CVE-2019-3610

The CVE-2019-3610 entry applies to the McAfee True Key Windows client. Affected software: McAfee True Key (Windows client) v3.1.9211.0 and earlier. Issue: local information disclosure via specially crafted malware, enabling a local attacker to exfiltrate confidential data. CVSS details indicate L...

5.6CVSS5.3AI score0.00302EPSS
CVE
CVE
added 2018/12/06 11:0 p.m.67 views

CVE-2018-6756

The CVE-2018-6756 entry concerns McAfee True Key (TK) Windows Client with affected version(s) up to 5.1.230.7, where an Authentication Abuse vulnerability enables local users to execute unauthorized commands via specially crafted malware. Connected documents corroborate local privilege/escalation...

7.8CVSS7.7AI score0.01026EPSS
CVE
CVE
added 2018/12/06 11:0 p.m.65 views

CVE-2018-6757

McAfee True Key Windows client (TK) vulnerable to local privilege escalation on version 5.1.230.7 and earlier due to issues in the McAfee.TrueKey.Service implementation (notably SecureExecute). Public reports indicate multiple local-elevation vulnerability variants that can allow a non-privileged...

7.8CVSS7.7AI score0.01137EPSS
CVE
CVE
added 2018/12/06 11:0 p.m.64 views

CVE-2018-6755

CVE-2018-6755 affects the McAfee True Key Windows client (TK) up to at least 5.1.230.7. The vulnerability is a Weak Directory Permission vulnerability in the Windows client that allows a local attacker to execute arbitrary code via specially crafted malware. Connected documents reference a local-...

7.8CVSS7.4AI score0.00982EPSS
CVE
CVE
added 2020/09/04 2:5 p.m.58 views

CVE-2020-7299

CVE-2020-7299 affects the McAfee True Key Windows client. The vulnerability is a cleartext storage of sensitive information in memory, enabling a local administrator to access another user’s passwords on the same machine by triggering a process dump. Affected are True Key versions prior to 6.2.10...

5CVSS4.4AI score0.00359EPSS
CVE
CVE
added 2018/09/24 1:0 p.m.48 views

CVE-2018-6700

CVE-2018-6700 corresponds to a DLL Search Order Hijacking vulnerability in McAfee True Key (TK) on Windows Client, prior to version 5.1.165. The root cause is exploitation of DLL search order to load malicious code locally, enabling arbitrary code execution by a local attacker with no credentials...

7.8CVSS7.7AI score0.00937EPSS
CVE
CVE
added 2018/09/24 12:0 p.m.47 views

CVE-2018-6682

The CVE-2018-6682 entry concerns McAfee True Key (TK), where Cross Site Scripting exposes confidential data to local users via a crafted website in TK 4.0.0.0 and earlier. Affected component: the True Key web context handling (XSS exposure). Root cause: unclear in the provided documents beyond th...

6.1CVSS5.8AI score0.00701EPSS