CVE-2022-1823: McAfee MCPR privilege escalation
First published: Mon Jun 20 2022(Updated: )
Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code, through not correctly checking the integrity of the configuration file.
Credit: psirt@mcafee.com trellixpsirt@trellix.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Consumer Product Removal Tool | <10.4.128 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-1823.
What is the title of this vulnerability?
The title of this vulnerability is 'Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version...'.
What is the severity of CVE-2022-1823?
The severity of CVE-2022-1823 is high with a severity value of 7.8.
How can a local user exploit CVE-2022-1823?
A local user can exploit CVE-2022-1823 by modifying a configuration file and performing a LOLBin (Living off the land) attack, which can result in the user gaining elevated permissions.
How can I fix this vulnerability?
To fix this vulnerability, update McAfee Consumer Product Removal Tool to version 10.4.128 or later.
- collector/nvd-index
- collector/nvd-api
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/mcafee
- canonical/mcafee consumer product removal tool