Description
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
http://service.mcafee.com/FAQDocument.aspx?&id=TS102968
Scores
CVSS v3
6.9
EPSS
0.0148
EPSS Percentile
70.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:L
Details
CWE
CWE-426
CWE-714
Status
published
Products (1)
mcafee/total_protection
< 16.0.r18
Published
Sep 13, 2019
Tracked Since
Feb 18, 2026