We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-49592



Description

Trial installer for McAfee Total Protection (legacy trial installer software) 16.0.53 allows local privilege escalation because of an Uncontrolled Search Path Element. The attacker could be "an adversary or knowledgeable user" and the type of attack could be called "DLL-squatting." The issue only affects execution of this installer, and does not leave McAfee Total Protection in a vulnerable state after installation is completed. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Reserved 2024-10-17 | Published 2024-11-15 | Updated 2024-11-27 | Assigner mitre

References

www.mcafee.com/support/s/article/000002516?language=en_US

cve.org (CVE-2024-49592)

nvd.nist.gov (CVE-2024-49592)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-49592

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.