Security & Vulnerability Researcher / Professional Penetration Tester

CVE-2019-3637 - McAfee - Privilege Escalation

Privilege Escalation vulnerability in McAfee FRP 5.x earlier than allows local users to gain elevated privileges via running McAfee Tray with elevated privileges.

When FRP is installed, it includes a plug-in to facilitate user interaction with the McAfee Agent Tray. To exploit this vulnerability, an attacker would need to run McAfee Agent Tray with administrator rights on the target machine. From the elevated McAfee Tray, the attacker can start the FRP console with the same administrator rights and then use the console to start other processes with the same rights. The FRP console has been updated to prevent elevated privileges from being inherited from McAfee Tray.

Trellix Security Bulletin SB10291

buy me a coffee