Privilege escalation in Mcafee Virusscan_enterprise

CVE-2018-6674

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator gr…

EPSS: 0.002 (7.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2018-6674?
CVE-2018-6674 is a medium-severity vulnerability in Mcafee Virusscan_enterprise, classified under CWE-264. CVSS score: 6.8/10. Published 2018-05-25.
How severe is CVE-2018-6674?
Medium severity. CVSS v3 base score is 6.8 out of 10.