- Description
- DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker.
- Source
- trellixpsirt@trellix.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.4
- Impact score
- 6.4
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-427
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:techcheck:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4020CEA9-7A0E-4B20-97C9-F5FFEE81FAAC",
"versionEndIncluding": "3.0.0.17"
}
],
"operator": "OR"
}
]
}
]