CVE-2018-6755

HIGH

Mcafee True Key < 5.1.230.7 - Incorrect Permission Assignment

Title source: rule

Description

Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textlocalwindows

https://www.exploit-db.com/exploits/45961

View Code ZIP pw:eip

References (2)

[Various Sources] http://service.mcafee.com/FAQDocument.aspx?&id=TS102872

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/45961/

Scores

CVSS v3 7.2

EPSS 0.0012

EPSS Percentile 31.5%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Classification

CWE

CWE-732

Status published

Affected Products (1)

mcafee/true_key < 5.1.230.7

Timeline

Published Dec 06, 2018

Tracked Since Feb 18, 2026