A vulnerability classified as critical has been found in McAfee Total Protection Free Antivirus Trial up to 16.0.R18 (Anti-Malware Software). Affected is an unknown functionality of the component DLL Handler. The manipulation with an unknown input leads to a untrusted search path vulnerability. CWE is classifying the issue as CWE-426. The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:

DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights.

The weakness was released 09/13/2019 (Website). The advisory is available at service.mcafee.com. This vulnerability is traded as CVE-2019-3646 since 01/03/2019. Local access is required to approach this attack. The successful exploitation needs a authentication. The technical details are unknown and an exploit is not available. The structure of the vulnerability defines a possible price range of USD $5k-$25k at the moment (estimation calculated on 12/25/2023). This vulnerability is assigned to T1574 by the MITRE ATT&CK project.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfo

Type

• Anti-Malware Software

Vendor

• McAfee

Name

• Total Protection Free Antivirus Trial

Version

• 16.0.R18

License

• commercial

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion