OpenCVE

Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mcafee	Techcheck

Configuration 1 [-]

cpe:2.3:a:mcafee:techcheck:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://service.mcafee.com/?articleId=TS103243

History

No history.

MITRE

Status: PUBLISHED

Assigner: trellix

Published: 2022-01-11T17:10:10

Updated: 2024-08-02T23:18:41.751Z

Reserved: 2022-01-05T00:00:00

Link: CVE-2022-0129

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-01-11T17:15:08.197

Modified: 2024-11-21T06:37:57.800

Link: CVE-2022-0129

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "McAfee TechCheck", "vendor": "McAfee,LLC", "versions": [{"lessThan": "4.0.0.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "description": "CWE-427: Uncontrolled Search Path Element\t", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-01-11T17:10:10", "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "shortName": "trellix"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://service.mcafee.com/?articleId=TS103243"}], "source": {"discovery": "UNKNOWN"}, "title": "DLL Highjack vulnerability in McAfee TechCheck utility", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@mcafee.com", "ID": "CVE-2022-0129", "STATE": "PUBLIC", "TITLE": "DLL Highjack vulnerability in McAfee TechCheck utility"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "McAfee TechCheck", "version": {"version_data": [{"version_affected": "<", "version_value": "4.0.0.2"}]}}]}, "vendor_name": "McAfee,LLC"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-427: Uncontrolled Search Path Element\t"}]}]}, "references": {"reference_data": [{"name": "https://service.mcafee.com/?articleId=TS103243", "refsource": "CONFIRM", "url": "https://service.mcafee.com/?articleId=TS103243"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:18:41.751Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://service.mcafee.com/?articleId=TS103243"}]}]}, "cveMetadata": {"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "assignerShortName": "trellix", "cveId": "CVE-2022-0129", "datePublished": "2022-01-11T17:10:10", "dateReserved": "2022-01-05T00:00:00", "dateUpdated": "2024-08-02T23:18:41.751Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:techcheck:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFC580FB-32B9-4665-B1FB-F5F3E2A3F462", "versionEndExcluding": "4.0.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from."}, {"lang": "es", "value": "Una vulnerabilidad del elemento de ruta de b\u00fasqueda no controlada en McAfee TechCheck versiones anteriores a 4.0.0.2, permite que un administrador local cargue su propia biblioteca de enlaces din\u00e1micos (DLL) obteniendo una elevaci\u00f3n de privilegios a usuario del sistema. Esto es logrado mediante la colocaci\u00f3n de la DLL maliciosa en el mismo directorio desde el que era ejecutado el proceso"}], "id": "CVE-2022-0129", "lastModified": "2024-11-21T06:37:57.800", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 5.8, "source": "trellixpsirt@trellix.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-01-11T17:15:08.197", "references": [{"source": "trellixpsirt@trellix.com", "url": "https://service.mcafee.com/?articleId=TS103243"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://service.mcafee.com/?articleId=TS103243"}], "sourceIdentifier": "trellixpsirt@trellix.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "trellixpsirt@trellix.com", "type": "Secondary"}]}