CVE-2019-3648 vulnerability in McAfee Products
Published on November 13, 2019
A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.
Vulnerability Analysis
CVE-2019-3648 is exploitable with local system access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and a small impact on availability.
Products Associated with CVE-2019-3648
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-3648 are published in these products:
Affected Versions
McAfee,LLC McAfee Total Protection:- Version 16.0.x and below 16.0.R22 Refresh 1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.