Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:HMcafee Total Protection
APPMcafee< 16.0.30
CISA KEV — detailsi
- Vendori
- McAfee
- Producti
- McAfee Total Protection (MTP)
- Added to KEVi
- November 3, 2021
- Remediation deadline (US Federal)i
- November 17, 2021(overdue)
Apply updates per vendor instructions.
McAfee Total Protection (MTP) contains an improper privilege management vulnerability that allows a local user to gain elevated privileges and execute code, bypassing MTP self-defense.
Related vulnerabilities
McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability du...
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior t...
Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.3...
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to ga...
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to ga...