CyberSec.Space Logo
Back to CVE Browser

CVE-2021-23873

HIGH
7.8
CVSS Severity Score
EPSS Score0.0420%
EPSS Percentile37.68th
PublishedFeb 10, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file deletion as the SYSTEM user potentially causing Denial of Service via manipulating Junction link, after enumerating certain files, at a specific time.

Affected Platforms (CPE)

πŸ“¦
Mcafee

Total Protection

< 16.0.30

References & Advisories

πŸ”— http://service.mcafee.com/FAQDocument.aspx?&id=TS103114
πŸ”— https://www.zerodayinitiative.com/advisories/ZDI-21-175/
πŸ”— http://service.mcafee.com/FAQDocument.aspx?&id=TS103114
πŸ”— https://www.zerodayinitiative.com/advisories/ZDI-21-175/

Related Vulnerabilities

CVE-2015-87729.1

McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtain sensitive information from k...

CVE-2021-238748.2

Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated p...

CVE-2021-238727.8

Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local use...

CVE-2021-238767.8

Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and...