CVE-2018-6674

Name of the Vulnerable Software and Affected Versions McAfee VirusScan Enterprise version 8.8 prior to Patch 13

Description The issue concerns a privilege escalation problem in McAfee VirusScan Enterprise, where local users can spawn unrelated processes with elevated privileges if the system administrator grants McTray.exe elevated privileges. This is possible because, by default, McTray.exe runs with the current user's privileges. The vulnerability is also related to insufficient access control, which could allow an attacker to view configuration information in text format using the graphical user interface.

Recommendations For McAfee VirusScan Enterprise version 8.8 prior to Patch 13, apply Patch 13 to resolve the issue. As a temporary workaround, consider restricting the privileges granted to McTray.exe to prevent exploitation. Avoid granting McTray.exe elevated privileges unless necessary, and ensure that access to configuration information is properly restricted to authorized users.