Description
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10054
Scores
CVSS v3
5.5
EPSS
0.0004
EPSS Percentile
11.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-284
Status
published
Products (3)
Intel/Application Control (MAC)
6.1.0 for Linux and earlier
mcafee/application_control
< 6.1.0
mcafee/change_control
< 6.1.0
Published
Mar 14, 2017
Tracked Since
Feb 18, 2026