Mcafee Consumer Product Removal Tool

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:mcafee,llc:mcafee_consumer_product_removal_tool:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorMcafee,Llc (a07eec98-d34c-5045-9a0e-859fd3b6002d)
ProductMcafee Consumer Product Removal Tool (dae7c53f-2f2c-5362-aeff-ea2e37b0972a)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-1824 vulnerable 2026-06-03 14:45:59.689424 McAfee MCPR privilege escalation
HIGH (7.9)
An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary code as there were insufficient checks on the executable being signed by McAfee.
Published: 2022-06-20T10:15:16.000Z
Updated: 2024-08-03T00:17:00.711Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-1823 vulnerable 2026-06-03 14:45:59.687975 McAfee MCPR privilege escalation
HIGH (7.9)
Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code, through not correctly checking the integrity of the configuration file.
Published: 2022-06-20T10:15:22.000Z
Updated: 2024-08-03T00:17:00.722Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.