Published on: 01/11/2022 12:00:00 AM UTC
Last Modified on: 01/11/2022 05:59:00 PM UTC
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 184.108.40.206 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.
- CVE-2022-0129 has been assigned by [email protected] to track the vulnerability
- Affected Vendor/Software: McAfee,LLC - McAfee TechCheck version < 220.127.116.11
|No Description Provided|| service.mcafee.com |
|@CVEreport||CVE-2022-0129 : Uncontrolled search path element vulnerability in McAfee TechCheck prior to 18.104.22.168 allows a local… twitter.com/i/web/status/1…||2022-01-11 17:11:29|
|@l33d0hyun||The vulnerability that I reported to McAfee a month ago has been patched ? CVE-2022-0129: McAfee TechCheck Insecur… twitter.com/i/web/status/1…||2022-01-11 17:25:35|