Privilege Escalation vulnerability in McAfee Total Protection (MTP)
CVE-2021-23872

7.8HIGH

Key Information:

Vendor: Mcafee,llc
Status: Mcafee Total Protection (mtp)
Vendor: CVE Published:; 12 May 2021

What is CVE-2021-23872?

Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface.

Affected Version(s)

McAfee Total Protection (MTP) < 16.0.32

References

http://service.mcafee.com/FAQDocument.aspx?&id=TS103146

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2021
Vulnerability Reserved
Jan 12, 2021

Mcafee,llc

What is CVE-2021-23872?

Affected Version(s)

References

CVSS V3.1

Timeline