Privilege escalation in Mcafee Virusscan_enterprise
CVE-2018-6674
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator gr…
EPSS: 0.002 (7.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H.
Affected products
- Mcafee Virusscan_enterprise — versions 8.8.0
- Mcafee, Llc Virusscan Enterprise (Vse) — versions 8.8
- Microsoft Windows
Weakness classification (CWE)
References
- trellixpsirt@trellix.com (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2018-6674?
- CVE-2018-6674 is a medium-severity vulnerability in Mcafee Virusscan_enterprise, classified under CWE-264. CVSS score: 6.8/10. Published 2018-05-25.
- How severe is CVE-2018-6674?
- Medium severity. CVSS v3 base score is 6.8 out of 10.