Potential product security bypass vulnerability in McAfee...
High severity
Unreviewed
Published
Jan 5, 2022
to the GitHub Advisory Database
•
Updated Nov 15, 2023
Description
Published by the National Vulnerability Database
Jan 4, 2022
Published to the GitHub Advisory Database
Jan 5, 2022
Last updated
Nov 15, 2023
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match name of any configured updater and perform a specific set of steps, resulting in the renamed binary to be to run.
References