CVE-2012-4598

McAfee Virtual Technician <6.4 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2012-4598. PoCs published by Metasploit, rgod, rgod, sinn3r, including Metasploit module exploits/windows/browser/mcafee_mvt_exec.

AI-analyzed exploit summary This Metasploit module exploits a vulnerability in McAfee Virtual Technician's MVTControl ActiveX control via the GetObject() function to load unsafe classes like WScript.Shell, enabling remote code execution under the user's context.

Description

An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/18812

This Metasploit module exploits a vulnerability in McAfee Virtual Technician's MVTControl ActiveX control via the GetObject() function to load unsafe classes like WScript.Shell, enabling remote code execution under the user's context.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: McAfee Virtual Technician MVTControl 6.3.0.1911
No auth needed
Prerequisites: Victim must use Internet Explorer · ActiveX controls must be enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by rgod · textremotewindows
https://www.exploit-db.com/exploits/18805

This exploit leverages a security bypass in McAfee Virtual Technician's ActiveX control (MVT.MVTControl.6300) via the GetObject() function to execute arbitrary commands (e.g., launching calc.exe) or crash the browser by specifying invalid memory addresses. The control is marked as safe for scripting, allowing remote exploitation via Internet Explorer.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: McAfee Virtual Technician 6.3.0.1911
No auth needed
Prerequisites: Victim must have McAfee Virtual Technician 6.3.0.1911 installed · Victim must use Internet Explorer 7/8/9 · ActiveX controls must be enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by rgod, sinn3r · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/mcafee_mvt_exec.rb

This Metasploit module exploits a vulnerability in McAfee Virtual Technician's MVTControl ActiveX control by abusing the GetObject() function to load unsafe classes like WScript.Shell, leading to remote code execution under the user's context.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: McAfee Virtual Technician MVTControl 6.3.0.1911
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer · ActiveX controls must be enabled
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

EPSS 0.2938
EPSS Percentile 97.9%

Details

Status published
Products (4)
mcafee/epo_mcafee_virtual_technician 1.0
mcafee/epo_mcafee_virtual_technician 1.0.4.0
mcafee/epo_mcafee_virtual_technician < 1.0.7
mcafee/mcafee_virtual_technician < 6.3.0.1911
Published Aug 22, 2012
Tracked Since Feb 18, 2026