CVE-2019-3636 HIGH

CVE-2019-3636: File masquerade attack vulnerability in McAfee Total Protection

Vendor Mcafee, Lcc
Product McAfee Total Protection
Published October 28, 2019
Last update September 17, 2024

CVSS base score

7.5/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

A File Masquerade vulnerability in McAfee Total Protection (MTP) version 16.0.R21 and earlier in Windows client allowed an attacker to read the plaintext list of AV-Scan exclusion files from the Windows registry, and to possibly replace excluded files with potential malware without being detected.

Key dates

02Disclosure timeline

October 28, 2019 CVE published
September 17, 2024 Record updated