Security & Vulnerability Researcher / Professional Penetration Tester

CVE-2018-6674 - McAfee - Improper Privilege Management

When the process McTray.exe runs with elevated privileges, VSE might spawn a process inheriting the parent’s privileges. This issue exposes the system to be manipulated by an attacker.

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 earlier than Patch 13 may allow local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges.

Trellix Security Bulletin SB10237

buy me a coffee