EIP-2026-100962
PRE-CVEMcAfee Email Gateway (formerly IronMail) - Local Privilege Escalation
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-100962. PoCs published by Nahuel Grisolia.
AI-analyzed exploit summary This advisory describes a local privilege escalation vulnerability in McAfee Email Gateway (formerly IronMail) version 6.7.1, where improper handling of environment variables allows CLI users to execute arbitrary commands with admin rights. The vulnerability is patched in version 6.7.2 Hotfix 2.
Description
McAfee Email Gateway (formerly IronMail) - Local Privilege Escalation
Exploits (1)
This advisory describes a local privilege escalation vulnerability in McAfee Email Gateway (formerly IronMail) version 6.7.1, where improper handling of environment variables allows CLI users to execute arbitrary commands with admin rights. The vulnerability is patched in version 6.7.2 Hotfix 2.