CVE-2019-3588

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.

Published: Jun 10, 2020
Updated: Apr 13, 2023
CVE: CVE-2019-3588
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.8
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-269

Affected Software
References

Software	From	Fixed in
mcafee / virusscan_enterprise	8.8-patch1	8.8-patch1.x
mcafee / virusscan_enterprise	8.8-patch2	8.8-patch2.x
mcafee / virusscan_enterprise	8.8-patch3	8.8-patch3.x
mcafee / virusscan_enterprise	8.8-patch4	8.8-patch4.x
mcafee / virusscan_enterprise	8.8-patch5	8.8-patch5.x
mcafee / virusscan_enterprise	8.8-patch6	8.8-patch6.x
mcafee / virusscan_enterprise	8.8-patch7	8.8-patch7.x
mcafee / virusscan_enterprise	8.8-patch8	8.8-patch8.x
mcafee / virusscan_enterprise	8.8-patch9	8.8-patch9.x
mcafee / virusscan_enterprise	8.8-patch10	8.8-patch10.x
mcafee / virusscan_enterprise	8.8-patch11	8.8-patch11.x
mcafee / virusscan_enterprise	8.8-patch12	8.8-patch12.x
mcafee / virusscan_enterprise	8.8-patch13	8.8-patch13.x
mcafee / virusscan_enterprise	8.8	8.8.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10302

Vulnerability Database

289,697

CVE-2019-3588