Vulnerabilities > Mcafee > Total Protection > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-23 | CVE-2022-43751 | Uncontrolled Search Path Element vulnerability in Mcafee Total Protection McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. | 7.8 |
| 2021-10-26 | CVE-2021-23877 | Improper Privilege Management vulnerability in Mcafee Total Protection Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protection (MTP) prior to 16.0.34_x may allow a local user to run arbitrary code as the admin user by replacing a specific temporary file created during the installation of the trial version of MTP. | 7.8 |
| 2021-05-12 | CVE-2021-23872 | Link Following vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface. | 7.8 |
| 2021-05-12 | CVE-2021-23891 | Improper Privilege Management vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense. | 7.8 |
| 2021-02-10 | CVE-2021-23876 | Unspecified vulnerability in Mcafee Total Protection Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware. | 7.8 |
| 2021-02-10 | CVE-2021-23874 | Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Total Protection Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense. | 7.8 |
| 2020-12-01 | CVE-2020-7335 | Improper Privilege Management vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link. | 7.8 |
| 2020-10-14 | CVE-2020-7330 | Improper Privilege Management vulnerability in Mcafee Total Protection 4.0.161.1 Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables | 8.8 |
| 2020-08-05 | CVE-2020-7298 | Unspecified vulnerability in Mcafee Total Protection Unexpected behavior violation in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to turn off real time scanning via a specially crafted object making a specific function call. | 8.4 |
| 2020-07-03 | CVE-2020-7283 | Improper Privilege Management vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. | 8.8 |