McAfee Application And Change Control
By the Year
In 2023 there have been 1 vulnerability in McAfee Application And Change Control with an average score of 4.4 out of ten. Last year Application And Change Control had 1 security vulnerability published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. Last year, the average CVE base score was greater by 3.40
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 1 | 4.40 |
| 2022 | 1 | 7.80 |
| 2021 | 0 | 0.00 |
| 2020 | 3 | 6.93 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Application And Change Control vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent McAfee Application And Change Control Security Vulnerabilities
Product security bypass vulnerability in ACC prior to version 8.3.4
CVE-2023-0221
4.4 - Medium
- January 13, 2023
Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program.
Improper Privilege Management
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications
CVE-2021-31833
7.8 - High
- January 04, 2022
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match name of any configured updater and perform a specific set of steps, resulting in the renamed binary to be to run.
Improper Privilege Management
Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2
CVE-2020-7334
8.2 - High
- October 15, 2020
Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further controls for installation/uninstallation of software.
Improper Privilege Management
Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1
CVE-2020-7309
4.8 - Medium
- August 26, 2020
Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section.
XSS
DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3
CVE-2020-7260
7.8 - High
- March 26, 2020
DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder.
Untrusted Path
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for McAfee Application And Change Control or by McAfee? Click the Watch button to subscribe.
