CVE-2021-23874
McAfee Total Protection (MTP) privilege escalation vulnerability
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- January 12, 2021
- Published Date
- February 10, 2021
- Last Updated
- February 04, 2025
- Vendor
- McAfee,LLC
- Product
- McAfee Total Protection (MTP)
- Description
- Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense.
CVSS Scores
CVSS v3.1
8.2 - HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
SSVC Information
- Exploitation
- active
- Technical Impact
- total
Exploit Status
- Exploited in the Wild
- Yes (added 2021-11-03 00:00:00 UTC) Source
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2021-11-03 00:00:00 UTC |