Vulnerabilities > CVE-2022-0129 - Unspecified vulnerability in Mcafee Techcheck 3.0.0.17

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

mcafee

NVD

Published: 2022-01-11

Updated: 2024-11-21

Summary

Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.

Vulnerable Configurations

Part	Description	Count
Application	Mcafee Mcafee Techcheck - Mcafee Techcheck 3.0.0.17	2

References

https://service.mcafee.com/?articleId=TS103243
https://service.mcafee.com/?articleId=TS103243