CVE-2022-1823

Name of the Vulnerable Software and Affected Versions McAfee Consumer Product Removal Tool versions prior to 10.4.128

Description The issue is related to improper privilege management, which could allow a local user to modify a configuration file. This modification could lead to a LOLBin (Living off the land) attack, resulting in the user gaining elevated permissions and being able to execute arbitrary code. The vulnerability arises from the failure to correctly check the integrity of the configuration file.

Recommendations For versions prior to 10.4.128, update to version 10.4.128 or later to resolve the issue. As a temporary workaround, consider restricting access to the configuration file to prevent unauthorized modifications until the update is applied.