CVE-2018-6690 : What You Need to Know

A vulnerability in McAfee Application Control (MAC) allows authenticated users to execute arbitrary code on Microsoft Windows clients.

Understanding CVE-2018-6690

This CVE involves a whitelist bypass vulnerability in McAfee Application Control (MAC) that enables the execution of arbitrary code.

What is CVE-2018-6690?

The vulnerability in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier versions allows authenticated users to run arbitrary code by accessing, modifying, or executing executable files through file transfer from an external system.

The Impact of CVE-2018-6690

The vulnerability has a CVSS base score of 6.1, indicating a medium severity issue. It poses a high integrity impact and low confidentiality impact.

Technical Details of CVE-2018-6690

This section provides detailed technical information about the CVE.

Vulnerability Description

The vulnerability in McAfee Application Control (MAC) allows authenticated users to execute arbitrary code on Microsoft Windows clients by bypassing whitelists.

Affected Systems and Versions

Affected Platforms: x86
Affected Product: McAfee Application Control (MAC)
Affected Version: 8.0.0 HF 4

Exploitation Mechanism

The vulnerability can be exploited by authenticated users to run arbitrary code through file transfer from an external system.

Mitigation and Prevention

Protect your systems from CVE-2018-6690 with the following steps:

Immediate Steps to Take

Apply security patches provided by McAfee promptly.
Monitor and restrict file transfers from external systems.
Implement least privilege access controls.

Long-Term Security Practices

Regularly update and patch McAfee Application Control (MAC).
Conduct security awareness training for users to prevent unauthorized file transfers.

Patching and Updates

Ensure that you regularly update McAfee Application Control (MAC) to the latest version to mitigate the vulnerability.