cbcvebase.
CVE-2018-6674
published 2018-05-25

CVE-2018-6674: Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to…

PriorityP412low3.9CVSS 3.0
AVPACLPRHUINSUCHINAN
EPSS
0.18%
7.8th percentile
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).

Affected

2 ranges
VendorProductVersion rangeFixed in
mcafeevirusscan_enterprise
mcafee_llcvirusscan_enterprise>= 8.8 < 8.8 Patch 138.8 Patch 13

CVSS provenance

nvdv3.03.9LOWCVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.