Privilege escalation in McAfee VirusScan

Published: 2018-05-10
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2018-6674
Exploitation vector Local
Public exploit N/A
Vulnerable software
McAfee VirusScan
Client/Desktop applications / Antivirus software/Personal firewalls

Vendor McAfee

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Privilege escalation

EUVDB-ID: #VU12533

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-6674

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No


The vulnerability allows a physical authenticated attacker to obtain potentially sensitive information and gain elevated privileges on the target system.

The weakness exists due to VSE might spawn a process inheriting the parent's privileges when the process McTray.exe runs with elevated privileges. A physical attacker can gain access to potentially sensitive information and gain root privileges.


Update to version 8.8 Patch 11.

Vulnerable software versions

McAfee VirusScan: 8.8 - 8.8 Patch 10

External links

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.