PT-2021-15576 · Mcafee · Mcafee Total Protection

Published

2021-05-12

Updated

2022-05-03

CVE-2021-23872

CVSS v3.1

7.8

High

Vector

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: McAfee Total Protection versions prior to 16.0.32

Description: The issue allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface. This is related to the File Lock component.

Recommendations: For versions prior to 16.0.32, update to version 16.0.32 or later to resolve the issue. As a temporary workaround, consider restricting access to the IOCTL interface until a patch is available.

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

CVE-2021-23872

Affected Products

Mcafee Total Protection

PT-2021-15576 · Mcafee · Mcafee Total Protection

CVE-2021-23872

Weakness Enumeration

Related Identifiers

Affected Products

References · 6