CVE-2024-0312 Uninstall Skyhigh Client Proxy without a valid uninstall password
Info
- CVE : CVE-2024-0312
- CVSS : 5.5 (MEDIUM)
Summary
- McAfee Client Proxy has challenge/response protection steps before to executes its uninstall program.
- The protection program requests user to get a valid response code from system admin.
- If user input a valid response code, the protection program executes its uninstaller.
- if user fail to input a valid response code, the protection program denies to executes its uninstaller.
- This Challenge/Response steps are vulnerable to simple API hooking and can be bypassed with any codes.
