CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-23873

HIGH
7.8
CVSS Severity Score
EPSS Score0.0420%
EPSS Percentile37.68th
Published2021年2月10日
Last Modified2024年11月21日

Vulnerability Description

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file deletion as the SYSTEM user potentially causing Denial of Service via manipulating Junction link, after enumerating certain files, at a specific time.

Affected Platforms (CPE)

📦
Mcafee

Total Protection

< 16.0.30

References & Advisories

🔗 http://service.mcafee.com/FAQDocument.aspx?&id=TS103114
🔗 https://www.zerodayinitiative.com/advisories/ZDI-21-175/
🔗 http://service.mcafee.com/FAQDocument.aspx?&id=TS103114
🔗 https://www.zerodayinitiative.com/advisories/ZDI-21-175/

関連する脆弱性情報

CVE-2015-87729.1

McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtain sensitive information from k...

CVE-2021-238748.2

Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated p...

CVE-2021-238727.8

Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local use...

CVE-2021-238767.8

Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and...