An independent cybersecurity researcher found a vulnerability in Intel's McAfee VirusScan Enterprise for Linux that can allow a remote code execution as root.
Andrew Fasano blogged that versions 1.9.2 through 2.0.2 of the cybersecurity software are affected. He noted the software was ripe for the picking as it runs as root, is not widely used and had not been updated for quite some time.
Fasano's investigation found 10 specific vulnerabilities that when operated together allow an attacker to execute code as root.
After being notified by Fasano, McaFee issued an update fixing the issues on Dec. 9, the Inquirer reported.