CVE-2018-6756

Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
trellixCNA
7.8 HIGH
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
mcafeetrue_key
𝑥
≤ 5.1.230.7
𝑥
= Vulnerable software versions
References
http://service.mcafee.com/FAQDocument.aspx?&id=TS102872
https://www.exploit-db.com/exploits/45961/
http://service.mcafee.com/FAQDocument.aspx?&id=TS102872
https://www.exploit-db.com/exploits/45961/