Table of Contents
Info:
- CVE : CVE-2024-0312
- CVSS : 5.5 (MEDIUM)
- CVE.org : https://www.cve.org/CVERecord?id=CVE-2024-0312
- References : https://kcm.trellix.com/corporate/index?page=content&id=SB10418
Summary:
- McAfee Client Proxy has challenge/response protection steps before to executes its uninstall program.
- The protection program requests user to get a valid response code from system admin.
- If user input a valid response code, the protection program executes its uninstaller.
- if user fail to input a valid response code, the protection program denies to executes its uninstaller.
- This Challenge/Response steps are vulnerable to simple API hooking and can be bypassed with any codes.