CVE-2022-0280

McAfee Total Protection (MTP) - File Deletion vulnerability

Severity Score: 7.0 (CVSS v3.1)
Exploit Likelihood (EPSS):
Affected Versions (CPE):
Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)

Descriptions

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.

*Credits: N/A
CVSS Scores
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: High
Availability: High

Attack Vector: Local
Attack Complexity: Medium
Authentication: None
Confidentiality: None
Integrity: Partial
Availability: Partial
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2022-01-19 CVE Reserved
  • 2022-03-10 CVE Published
  • 2023-11-16 EPSS Updated
  • 2024-08-02 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Microsoft
Windows
--
Affected
in Mcafee
Total Protection
< 16.0.43
-
Safe