CVE-2021-23891: Privilege Escalation vulnerability in McAfee Total Protection (MTP)
First published: Wed May 12 2021(Updated: )
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mcafee Total Protection | <16.0.32 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-23891.
What is the severity of CVE-2021-23891?
The severity of CVE-2021-23891 is high with a CVSS score of 7.8.
What is the description of CVE-2021-23891?
CVE-2021-23891 is a privilege escalation vulnerability in McAfee Total Protection (MTP) prior to version 16.0.32 that allows a local user to gain elevated privileges by impersonating a client token, potentially bypassing MTP self-defense.
Which software versions are affected by CVE-2021-23891?
CVE-2021-23891 affects McAfee Total Protection versions prior to 16.0.32.
How can I fix the CVE-2021-23891 vulnerability?
To fix the CVE-2021-23891 vulnerability, it is recommended to update McAfee Total Protection to version 16.0.32 or later.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/mcafee
- canonical/mcafee total protection