Unrated severityNVD Advisory· Published Mar 10, 2022· Updated Aug 2, 2024

McAfee Total Protection (MTP) - File Deletion vulnerability

CVE-2022-0280

Description

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.

Affected products

McAfee/Total Protection for Windowsllm-create
Range: <16.0.43
McAfee/McAfee Total Protectioncpe-rescue
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

service.mcafee.commitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000