CVE-2022-0280

low-risk
Published 2022-03-10

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.

Do I need to act?

-
0.19% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
LOCAL / HIGH complexity

Affected Products (1)

Windows

Affected Vendors

Microsoft

References (2)

Vendor Advisory https://service.mcafee.com/?articleId=TS103271&page=shell&shell=article-view
Vendor Advisory https://service.mcafee.com/?articleId=TS103271&page=shell&shell=article-view
26
/ 100
low-risk
Severity 20/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal