25 results (0.001 seconds)

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

McAfee Total Protection prior to 16.0.50 may allow an adversary (with full administrative access) to modify a McAfee specific Component Object Model (COM) in the Windows Registry. This can result in the loading of a malicious payload. • https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html https://www.mcafee.com/support/?articleId=TS103398&page=shell&shell=article-view •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks. • https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html https://www.mcafee.com/support/?articleId=TS103397&page=shell&shell=article-view • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks. • https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html https://www.mcafee.com/support/?articleId=TS103397&page=shell&shell=article-view • CWE-427: Uncontrolled Search Path Element •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt. • https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html https://www.mcafee.com/support/?articleId=TS103397&page=shell&shell=article-view •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges. McAfee Total Protection anterior a la versión 16.0.49 contiene una vulnerabilidad de elemento de ruta de búsqueda no controlada debido al uso de una variable que apunta a un subdirectorio que puede ser controlado por un usuario sin privilegios. Esto puede haber permitido al usuario sin privilegios ejecutar código arbitrario con permisos del system. • https://mcafee.com https://www.mcafee.com/support/?articleId=TS103348&page=shell&shell=article-view • CWE-427: Uncontrolled Search Path Element •