CVE-2018-6756

EUVD-2018-18503
Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
trellixCNA
7.8 HIGH
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
mcafeetrue_key
𝑥
≤ 5.1.230.7
𝑥
= Vulnerable software versions
References
http://service.mcafee.com/FAQDocument.aspx?&id=TS102872
https://www.exploit-db.com/exploits/45961/
http://service.mcafee.com/FAQDocument.aspx?&id=TS102872
https://www.exploit-db.com/exploits/45961/