Main Vulnerability Database Vulnerabilities #VU50682

#VU50682 Improper Privilege Management in McAfee Total Protection (MTP) - CVE-2021-23876

Published: February 15, 2021

Vulnerability identifier: #VU50682

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-23876

CWE-ID: CWE-269

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
McAfee Total Protection (MTP)

Software vendor:
McAfee

Description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper privilege management. A local user can execute specially constructed malware, bypass remote procedure call, gain elevated privileges and perform arbitrary file modification as the SYSTEM user.

Remediation

Install updates from vendor's website.

External links

http://service.mcafee.com/FAQDocument.aspx?&id=TS103114

#VU50682 Improper Privilege Management in McAfee Total Protection (MTP) - CVE-2021-23876

Description

Remediation

External links

Please verify you're human