CVE-2018-6693

MEDIUM

McAfee Endpoint Security for Linux Threat Prevention <=10.5.1 - Unauthenticated Arbitrary File Deletion via TOCTOU

Description

An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escalation to delete arbitrary files.

Scores

CVSS v3: 5.3
EPSS: 0.0003
EPSS Percentile: 9.4%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

Details

CWE: CWE-274, CWE-367, CWE-363
Status: published
Products (3):
  mcafee/endpoint_security_for_linux_threat_prevention 10.5.1
  mcafee/endpoint_security_for_linux_threat_prevention < 10.2.3
  mcafee/endpoint_security_linux_threat_prevention 10.5.0
Published: Sep 18, 2018
Tracked Since: Feb 18, 2026