Mcafee True Key vulnerabilities
8 known vulnerabilities affecting mcafee/true_key.
Total CVEs
8
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
HIGH5MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2018-6756P3HIGHCVSS 7.8PoC≤ 5.1.230.7≥ 5.1.230.7, ≤ 5.1.230.72018-12-06
CVE-2018-6756 [HIGH] CVE-2018-6756: Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and
Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware.
nvd
CVE-2018-6755P3HIGHCVSS 7.8PoC≤ 5.1.230.7≥ 5.1.230.7, ≤ 5.1.230.72018-12-06
CVE-2018-6755 [HIGH] CWE-732 CVE-2018-6755: Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.
Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.
nvd
CVE-2018-6757P3HIGHCVSS 7.8PoC≤ 5.1.230.7≥ 5.1.230.7, ≤ 5.1.230.72018-12-06
CVE-2018-6757 [HIGH] CVE-2018-6757: Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and
Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.
nvd
CVE-2018-6661P3HIGHCVSS 7.8PoC≤ 4.20≥ 4.20.110, < 4.20.1102018-04-02
CVE-2018-6661 [HIGH] CWE-426 CVE-2018-6661: DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows
DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature.
nvd
CVE-2018-6700P4HIGHCVSS 7.8fixed in 5.1.165≥ 5.1.165, < 5.1.1652018-09-24
CVE-2018-6700 [HIGH] CWE-426 CVE-2018-6700: DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before
DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware.
nvd
CVE-2018-6682P4MEDIUMCVSS 6.1≤ 4.0.0.0≥ 4.0.0.0, ≤ 4.0.0.02018-09-24
CVE-2018-6682 [MEDIUM] CWE-79 CVE-2018-6682: Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expo
Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site.
nvd
CVE-2019-3610P4MEDIUMCVSS 5.5≤ 3.1.9211.02019-02-13
CVE-2019-3610 [MEDIUM] CWE-200 CVE-2019-3610: Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 an
Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.
nvd
CVE-2020-7299P4MEDIUMCVSS 4.1fixed in 6.2.109.22020-09-04
CVE-2020-7299 [MEDIUM] CWE-522 CVE-2020-7299: Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in Mc
Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges to access to another user’s passwords on the same machine via triggering a process dump in specific situations.
nvd