CVE-2012-5879

McAfee Virtual Technician and ePO-MVT < 6.5.0.2101 - Arbitrary File Write via McHealthCheck.dll Save Method

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5879. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary This exploit leverages an insecure ActiveX method (Save()) in McAfee Virtual Technician's McHealthCheck.dll to overwrite or create arbitrary files in the context of the current user. The PoC is a simple HTML page with VBScript that triggers the vulnerability via a button click.

Description

An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician (MVT) and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument to the Save method.

Exploits (1)

exploitdb WORKING POC

by High-Tech Bridge SA · textremotewindows

https://www.exploit-db.com/exploits/24907

View Code ZIP pw:eip

This exploit leverages an insecure ActiveX method (Save()) in McAfee Virtual Technician's McHealthCheck.dll to overwrite or create arbitrary files in the context of the current user. The PoC is a simple HTML page with VBScript that triggers the vulnerability via a button click.

Classification

Working Poc 100%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: McAfee Virtual Technician 6.5.0.2101

No auth needed

Prerequisites: Victim must visit a malicious webpage using Internet Explorer · McAfee Virtual Technician 6.5.0.2101 must be installed

MITRE ATT&CK

T1218.002 - Control Panel

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Vendor Advisory x_refsource_confirm

https://kc.mcafee.com/corporate/index?page=content&id=SB10040

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1028357

Exploit mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2013-03/0143.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/91700

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/58750

Vendor Advisory x_refsource_misc

https://www.htbridge.com/advisory/HTB23128

Scores

EPSS 0.0520

EPSS Percentile 91.4%

Details

CWE

CWE-264

Status published

Products (8)

mcafee/epo_mcafee_virtual_technician 1.0

mcafee/epo_mcafee_virtual_technician 1.0.4.0

mcafee/epo_mcafee_virtual_technician 1.0.7

mcafee/epo_mcafee_virtual_technician 1.0.8

mcafee/epo_mcafee_virtual_technician 1.0.9

mcafee/epo_mcafee_virtual_technician < 6.5.0.2101

mcafee/mcafee_virtual_technician 6.3.0.1911

mcafee/mcafee_virtual_technician < 6.5.0.2101

Published Mar 28, 2013

Tracked Since Feb 18, 2026