HIGH🇵🇱 Wersja polska

CVE-2022-43751

CVSS 7.8v3.1pub. 2022-11-23upd. 2025-04-29

McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Mcafee Total Protection

    APP
    Mcafee
    < 16.0.49
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2021-23874HIGH8.2⚠ KEVten sam produkt

Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local use...

CVE-2022-0280HIGH7.5ten sam produkt

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior t...

CVE-2021-23872HIGH7.8ten sam produkt

Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.3...

CVE-2021-23891HIGH7.8ten sam produkt

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to ga...

CVE-2021-23873HIGH7.8ten sam produkt

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to ga...