Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mcafee Subscribe
Filtered by product Total Protection
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-24578 1 Mcafee 1 Total Protection 2023-03-22 N/A 5.5 MEDIUM
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks.
CVE-2023-24577 1 Mcafee 1 Total Protection 2023-03-22 N/A 5.5 MEDIUM
McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks.
CVE-2023-24579 1 Mcafee 1 Total Protection 2023-03-22 N/A 5.5 MEDIUM
McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt.
CVE-2022-43751 1 Mcafee 1 Total Protection 2022-11-28 N/A 7.8 HIGH
McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges.
CVE-2020-7282 1 Mcafee 1 Total Protection 2022-07-01 3.3 LOW 6.3 MEDIUM
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
CVE-2020-7281 1 Mcafee 1 Total Protection 2022-07-01 1.9 LOW 6.3 MEDIUM
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
CVE-2020-7310 1 Mcafee 1 Total Protection 2022-06-01 3.3 LOW 6.9 MEDIUM
Privilege Escalation vulnerability in the installer in McAfee McAfee Total Protection (MTP) trial prior to 4.0.161.1 allows local users to change files that are part of write protection rules via manipulating symbolic links to redirect a McAfee file operations to an unintended file.
CVE-2021-23872 1 Mcafee 1 Total Protection 2022-05-03 4.6 MEDIUM 7.8 HIGH
Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface.
CVE-2021-23873 1 Mcafee 1 Total Protection 2022-05-03 3.6 LOW 6.1 MEDIUM
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file deletion as the SYSTEM user potentially causing Denial of Service via manipulating Junction link, after enumerating certain files, at a specific time.
CVE-2022-0280 2 Mcafee, Microsoft 2 Total Protection, Windows 2022-03-21 3.3 LOW 6.3 MEDIUM
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.
CVE-2021-23877 1 Mcafee 1 Total Protection 2021-10-28 7.2 HIGH 7.8 HIGH
Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protection (MTP) prior to 16.0.34_x may allow a local user to run arbitrary code as the admin user by replacing a specific temporary file created during the installation of the trial version of MTP.
CVE-2020-7298 1 Mcafee 1 Total Protection 2021-07-21 3.6 LOW 8.4 HIGH
Unexpected behavior violation in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to turn off real time scanning via a specially crafted object making a specific function call.
CVE-2021-23891 1 Mcafee 1 Total Protection 2021-05-20 4.6 MEDIUM 7.8 HIGH
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.
CVE-2021-23876 1 Mcafee 1 Total Protection 2021-02-16 7.2 HIGH 7.8 HIGH
Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware.
CVE-2021-23874 1 Mcafee 1 Total Protection 2021-02-11 4.6 MEDIUM 7.8 HIGH
Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense.
CVE-2020-7335 1 Mcafee 1 Total Protection 2020-12-08 4.4 MEDIUM 7.8 HIGH
Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link. This exploits a lack of protection through a timing issue and is only exploitable in a small time window.
CVE-2020-7330 1 Mcafee 1 Total Protection 2020-10-27 4.6 MEDIUM 8.8 HIGH
Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables
CVE-2019-3636 2 Mcafee, Microsoft 2 Total Protection, Windows 2020-08-24 4.6 MEDIUM 7.8 HIGH
A File Masquerade vulnerability in McAfee Total Protection (MTP) version 16.0.R21 and earlier in Windows client allowed an attacker to read the plaintext list of AV-Scan exclusion files from the Windows registry, and to possibly replace excluded files with potential malware without being detected.
CVE-2019-3648 1 Mcafee 3 Anti-virus Plus, Internet Security, Total Protection 2020-08-24 7.2 HIGH 6.7 MEDIUM
A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.
CVE-2019-3593 2 Mcafee, Microsoft 2 Total Protection, Windows 2020-08-24 5.6 MEDIUM 7.1 HIGH
Exploitation of Privilege/Trust vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.R18 allows local users to bypass product self-protection, tamper with policies and product files, and uninstall McAfee software without permission via specially crafted malware.