CVE-2024-0311 Bypass the existing policy of Skyhigh Client Proxy without a valid release code
- CVE : CVE-2024-0311
- CVSS : 5.5 (MEDIUM)
Summary
- McAfee Client Proxy has MCPBypass.exe which is its own policy bypass program.
- McAfee Client Proxy has challenge/response protection steps before to allow bypass request from user.
- The bypass program requests user to get a valid response code from system admin.
- If user input a valid response code, the bypass program set its status to “Bypass active”.
- if user fail to input a valid response code, the bypass program reject the request.
- This Challenge/Response steps and IPC to MCPService are vulnerable to simple API hooking and can be bypassed with any release codes.
