McAfee patched a security vulnerability discovered in all editions of its Antivirus software for Windows. The vulnerability allows potential attackers to escalate privileges and execute code using SYSTEM privileges. McAfee Total Protection (MTP), McAfee Anti-Virus Plus (AVP), and McAfee Internet Security (MIS) up to and including 16.0.R22 are all impacted by this local privilege escalation (LPE) bug. The bug is caused because the antivirus solution is attempting to load a DLL from its current working directory (CWD) instead of its actual location.
Source: https://www.bleepingcomputer.com/news/security/mcafee-patches-privilege-escalation-flaw-in-antivirus-software/