CVE-2022-0280

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.

• CVE ID
• CVE-2022-0280

• Assigner
• psirt@mcafee.com

• Vulnerability Status
• Analyzed

• Published Version
• 2022-03-10T23:15:08

• Last Modified Date
• 2022-03-21T16:23:49

• Version
• 2.0

• Vector String
• AV:L/AC:M/Au:N/C:N/I:P/A:P

• Access Vector
• LOCAL

• Access Compatibility
• MEDIUM

• Authentication
• NONE

• Confidentiality Impact
• NONE

• Integrity Impact
• PARTIAL

• Availability Impact
• PARTIAL

• Base Score
• 3.3

• Severity
• LOW

• Exploitability Score
• 3.4

• Impact Score
• 4.9

• Version
• 3.1

• Vector String
• CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

• Attack Vector
• LOCAL

• Attack Compatibility
• HIGH

• Privileges Required
• LOW

• User Interaction
• NONE

• Scope
• UNCHANGED

• Confidentiality Impact
• NONE

• Availability Impact
• HIGH

• Base Score
• 6.3

• Base Severity
• MEDIUM

• Exploitability Score
• 1

• Impact Score
• 5.2