CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-0280

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.4%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 3.3

References

Products affected by CVE-2022-0280

Mcafee » Total Protection » Version: N/A

cpe:2.3:a:mcafee:total_protection:-
Mcafee » Total Protection » Version: 16.0.18

cpe:2.3:a:mcafee:total_protection:16.0.18
Mcafee » Total Protection » Version: 16.0.29

cpe:2.3:a:mcafee:total_protection:16.0.29
Mcafee » Total Protection » Version: 16.0.30

cpe:2.3:a:mcafee:total_protection:16.0.30
Mcafee » Total Protection » Version: 16.0.32

cpe:2.3:a:mcafee:total_protection:16.0.32
Mcafee » Total Protection » Version: 16.0.36

cpe:2.3:a:mcafee:total_protection:16.0.36
Mcafee » Total Protection » Version: 4.0.161.1

cpe:2.3:a:mcafee:total_protection:4.0.161.1
Mcafee » Total Protection » Version: 4.0.176.1

cpe:2.3:a:mcafee:total_protection:4.0.176.1
Mcafee » Total Protection » Version: 4.6

cpe:2.3:a:mcafee:total_protection:4.6
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-0280

Products

Pricing

Contact Us