Vulnerability Description
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks.
CVSS Score
5.5
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Total Protection | < 16.0.49 |
Related Weaknesses (CWE)
References
- https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulVendor Advisory
- https://www.mcafee.com/support/?articleId=TS103397&page=shell&shell=article-viewVendor Advisory
- https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulVendor Advisory
- https://www.mcafee.com/support/?articleId=TS103397&page=shell&shell=article-viewVendor Advisory
FAQ
What is CVE-2023-24578?
CVE-2023-24578 is a vulnerability with a CVSS score of 5.5 (MEDIUM). McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks.
How severe is CVE-2023-24578?
CVE-2023-24578 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-24578?
Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Total Protection.