Описание
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.
Уязвимые конфигурации
Конфигурация 1Версия до 4.0.0.2 (исключая)
cpe:2.3:a:mcafee:techcheck:*:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00059
Низкий
7.4 High
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-427
Связанные уязвимости
github
около 4 лет назад
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.
EPSS
Процентиль: 19%
0.00059
Низкий
7.4 High
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-427