Mcafee: >> Security Scan Plus >> 3.11.469 Security Vulnerabilities
An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code due to lack of an integrity check of the configuration file.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-18
A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response.
CVSS Score
9.8
EPSS Score
0.083
Published
2017-09-01
Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-03-14