Vulnerabilities > Mcafee > Total Protection

DATE CVE VULNERABILITY TITLE RISK
2023-03-21 CVE-2023-25134 Unspecified vulnerability in Mcafee Total Protection
McAfee Total Protection prior to 16.0.50 may allow an adversary (with full administrative access) to modify a McAfee specific Component Object Model (COM) in the Windows Registry.
local
low complexity
mcafee
6.7
2023-03-13 CVE-2023-24577 Link Following vulnerability in Mcafee Total Protection
McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys.
local
low complexity
mcafee CWE-59
5.5
2023-03-13 CVE-2023-24578 Uncontrolled Search Path Element vulnerability in Mcafee Total Protection
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading.
local
low complexity
mcafee CWE-427
5.5
2023-03-13 CVE-2023-24579 Unspecified vulnerability in Mcafee Total Protection
McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt.
local
low complexity
mcafee
5.5
2022-11-23 CVE-2022-43751 Uncontrolled Search Path Element vulnerability in Mcafee Total Protection
McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user.
local
low complexity
mcafee CWE-427
7.8
2021-10-26 CVE-2021-23877 Improper Privilege Management vulnerability in Mcafee Total Protection
Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protection (MTP) prior to 16.0.34_x may allow a local user to run arbitrary code as the admin user by replacing a specific temporary file created during the installation of the trial version of MTP.
local
low complexity
mcafee CWE-269
7.8
2021-05-12 CVE-2021-23872 Link Following vulnerability in Mcafee Total Protection
Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface.
local
low complexity
mcafee CWE-59
7.8
2021-05-12 CVE-2021-23891 Improper Privilege Management vulnerability in Mcafee Total Protection
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.
local
low complexity
mcafee CWE-269
7.8
2021-02-10 CVE-2021-23876 Unspecified vulnerability in Mcafee Total Protection
Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware.
local
low complexity
mcafee
7.8
2021-02-10 CVE-2021-23874 Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Total Protection
Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense.
local
low complexity
mcafee CWE-732
7.8