Skip to main content

True Key

8 CVEs product

Monthly

CVE-2020-7299 MEDIUM This Month

Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges. Rated medium severity (CVSS 4.1). No vendor patch available.

Microsoft Information Disclosure True Key
NVD
CVSS 3.1
4.1
EPSS
0.4%
CVE-2019-3610 MEDIUM This Month

Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure True Key
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-6757 HIGH POC This Week

Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft RCE True Key
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.1%
CVE-2018-6756 HIGH POC This Week

Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Microsoft True Key
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.0%
CVE-2018-6755 HIGH POC This Week

Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft RCE True Key
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.0%
CVE-2018-6700 HIGH This Week

DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE True Key
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2018-6682 MEDIUM This Month

Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS True Key
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2018-6661 HIGH This Week

DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure True Key
NVD
CVSS 3.1
7.8
EPSS
0.8%
EPSS 0% CVSS 4.1
MEDIUM This Month

Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges. Rated medium severity (CVSS 4.1). No vendor patch available.

Microsoft Information Disclosure True Key
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure True Key
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft RCE +1
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH POC This Week

Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Microsoft True Key
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH POC This Week

Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft RCE True Key
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH This Week

DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE True Key
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS True Key
NVD
EPSS 1% CVSS 7.8
HIGH This Week

DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure True Key
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy