cvedb.io
CVE-2022-0280
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2022-03-10T23:15:08.270 · Last modified 2026-06-17T04:20:16.483

Summary

A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.

Affected products

mcafee — total_protection

Does this affect you?

Add your gear to cvedb and we'll alert you only when mcafee ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.