CVE-2019-3585

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.

Published: Jun 10, 2020
Updated: Apr 13, 2023
CVE: CVE-2019-3585
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-269

Affected Software
References

Software	From	Fixed in
mcafee / virusscan_enterprise	8.8-patch1	8.8-patch1.x
mcafee / virusscan_enterprise	8.8-patch2	8.8-patch2.x
mcafee / virusscan_enterprise	8.8-patch3	8.8-patch3.x
mcafee / virusscan_enterprise	8.8-patch4	8.8-patch4.x
mcafee / virusscan_enterprise	8.8-patch5	8.8-patch5.x
mcafee / virusscan_enterprise	8.8-patch6	8.8-patch6.x
mcafee / virusscan_enterprise	8.8-patch7	8.8-patch7.x
mcafee / virusscan_enterprise	8.8-patch8	8.8-patch8.x
mcafee / virusscan_enterprise	8.8-patch9	8.8-patch9.x
mcafee / virusscan_enterprise	8.8-patch10	8.8-patch10.x
mcafee / virusscan_enterprise	8.8-patch11	8.8-patch11.x
mcafee / virusscan_enterprise	8.8-patch12	8.8-patch12.x
mcafee / virusscan_enterprise	8.8-patch13	8.8-patch13.x
mcafee / virusscan_enterprise	8.8	8.8.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10302

Vulnerability Database

289,697

CVE-2019-3585