McAfee VirusScan enterprise vulnerabilities put your network security at risk

Specialists from a hacking course reported the discovery of at least three security vulnerabilities in VirusScan, one of McAfee most popular products employed in thousands of enterprise environments. According to the report, exploiting these flaws would allow the deployment of malicious scenarios such as escalations of privileges on the affected system.

Below are brief overviews of reported flaws, in addition to their respective tracking keys and scores according to the Common Vulnerability Scoring System (CVSS).

CVE-2020-7280: This vulnerability exists because VirusScan does not impose any security restriction on processing log files during its upgrade processes, which would allow a threat actor to scale privileges on the target system.

A local user could create a join and overwrite the contents of a target file, leading to code execution with system privileges. This flaw is present in VirusScan version 8.8 and received a CVSS score of 6.8/10, becoming a low severity error. Its exploitation requires authenticated local access to the target system, so an attack in real-world scenarios is unlikely.

CVE-2019-3585: This flaw exists because the security software does not impose restrictions on the Microsoft Windows client (McTray.exe), which could lead to an escalation of privileges, mentioned experts of the hacking course.

Threat actors could interact with elevated real-time analytics messages using McAfee Tray execution. This flaw is also in VirusScan version 8.8 and received a CVSS score of 6.1/10, so this is a low security flaw.

To exploit this vulnerability, attackers would require authenticated local access to the target system; no attempts at active exploitation have been detected so far.

CVE-2019-3588: This vulnerability exists because the affected application does not impose security restrictions on the Microsoft Windows client (McTray.exe). An attacker with local access can interact with real-time scan messages: Threat alert window when the Windows logon screen is locked. The vulnerability allows a local attacker to scale privileges on the system.

This flaw is found in VirusScan v8.8 and received a CVSS score of 5.5/10, so hacking course experts do not believe it poses greater risks to users of affected deployments.

According to the International Cyber Security Institute (IICS), the flaws have already been reported to McAfee immediately, so updates were released soon after. Users of this product should only verify that the installation has been completed successfully.