Main Vulnerability Database Exploits ID:6091 - Exploit for Insecure DLL loading in McAfee True Key - CVE-2018-6661

ID:6091 - Exploit for Insecure DLL loading in McAfee True Key - CVE-2018-6661

Published: June 17, 2021

Vulnerability identifier: #VU12138

Vulnerability risk: Low

CVE-ID: CVE-2018-6661

CWE-ID: CWE-427

Exploitation vector: Local access

Vulnerable software:
McAfee True Key

Link to public exploit:

https://www.exploit-db.com/exploits/45961/

Vulnerability description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists in Microsoft Windows Client due to insecure .dll loading mechanism when opening files. A local attacker can place a file along with a specially crafted .dll file on a remote SBM or WebDAV share and gain root privileges.

Remediation

Update to version 4.20.110.

ID:6091 - Exploit for Insecure DLL loading in McAfee True Key - CVE-2018-6661

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human