Vulnerabilities > Mcafee > Total Protection > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-21 CVE-2023-25134 Unspecified vulnerability in Mcafee Total Protection
McAfee Total Protection prior to 16.0.50 may allow an adversary (with full administrative access) to modify a McAfee specific Component Object Model (COM) in the Windows Registry.
local
low complexity
mcafee
6.7
2023-03-13 CVE-2023-24577 Link Following vulnerability in Mcafee Total Protection
McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys.
local
low complexity
mcafee CWE-59
5.5
2023-03-13 CVE-2023-24578 Uncontrolled Search Path Element vulnerability in Mcafee Total Protection
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading.
local
low complexity
mcafee CWE-427
5.5
2023-03-13 CVE-2023-24579 Unspecified vulnerability in Mcafee Total Protection
McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt.
local
low complexity
mcafee
5.5
2021-02-10 CVE-2021-23873 Link Following vulnerability in Mcafee Total Protection
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file deletion as the SYSTEM user potentially causing Denial of Service via manipulating Junction link, after enumerating certain files, at a specific time.
local
low complexity
mcafee CWE-59
6.1
2020-08-21 CVE-2020-7310 Improper Privilege Management vulnerability in Mcafee Total Protection
Privilege Escalation vulnerability in the installer in McAfee McAfee Total Protection (MTP) trial prior to 4.0.161.1 allows local users to change files that are part of write protection rules via manipulating symbolic links to redirect a McAfee file operations to an unintended file.
local
high complexity
mcafee CWE-269
6.9
2020-07-03 CVE-2020-7282 Link Following vulnerability in Mcafee Total Protection
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.
local
high complexity
mcafee CWE-59
6.3
2020-07-03 CVE-2020-7281 Improper Privilege Management vulnerability in Mcafee Total Protection
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.
local
high complexity
mcafee CWE-269
6.3
2019-11-13 CVE-2019-3648 Untrusted Search Path vulnerability in Mcafee products
A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.
local
low complexity
mcafee CWE-426
6.7
2019-09-13 CVE-2019-3646 Untrusted Search Path vulnerability in Mcafee Total Protection 16.0.36/16.0.R18
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights.
local
low complexity
mcafee CWE-426
6.5