Privilege escalation in McAfee VirusScan
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-6674 |
| CWE-ID | CWE-264 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
McAfee VirusScan Client/Desktop applications / Antivirus software/Personal firewalls |
| Vendor | McAfee |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Privilege escalation
EUVDB-ID: #VU12533
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-6674
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a physical authenticated attacker to obtain potentially sensitive information and gain elevated privileges on the target system.
The weakness exists due to VSE might spawn a process inheriting the parent's privileges when the process McTray.exe runs with elevated privileges. A physical attacker can gain access to potentially sensitive information and gain root privileges.
Update to version 8.8 Patch 11.
Vulnerable software versionsMcAfee VirusScan: 8.8 Patch 1 - 8.8
CPE2.3- cpe:2.3:a:mcafee:mcafee_virusscan:8.8 Patch 1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:mcafee_virusscan:8.8 Patch 2:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:mcafee_virusscan:8.8 Patch 3:*:*:*:*:*:*:*
https://kc.mcafee.com/corporate/index?page=content&id=SB10237
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
