Published: 13/11/2019 Updated: 07/11/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and previous versions allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mcafee anti-virus plus
mcafee internet security
mcafee total protection

From AV to oy-vey: McAfee antivirus has security hole of its own

The Register • Shaun Nichols in San Francisco • 12 Nov 2019

Security suite falls victim to malicious DLLs We're almost into the third decade of the 21st century and we're still grading security bugs out of 10 like kids. Why?

Three of McAfee's anti-malware tools have been found to contain a vulnerability that could potentially allow an attacker to bypass its security protections and take control of a PC. The team with SafeBreach says that it has already privately reported the bug to McAfee, and the security shop was able to release a patch on Tuesday prior to the report going public. Users and admins running McAfee Total Protection, Anti-Virus Plus, and Internet Security are all advised to update their software to ve...

CVE-2019-3648

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect