7 matches found
McAfee Agent < 5.7.5 Multiple Vulnerabilities (SB10378)
The version of McAfee Agent, formerly McAfee ePolicy Orchestrator ePO Agent, installed on the remote host is prior to 5.7.5. It is, therefore, affected by the following vulnerabilities: - A command Injection Vulnerability in McAfee Agent MA for Windows prior to 5.7.5 allows local users to inject...
McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges
McAfee has patched two high-severity vulnerabilities in a component of its McAfee Enterprise product that attackers can use to escalate privileges, including up to SYSTEM. According to McAfee’s bulletin, the bugs are in versions prior to 5.7.5 of McAfee Agent, which is used in McAfee Endpoint...
McAfee Releases Security Update for McAfee Agent for Windows
McAfee has released McAfee Agent for Windows version 5.7.5, which addresses vulnerabilities CVE-2021-31854 and CVE-2022-0166. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review McAfee Security Bulletin SB10378...
CVE-2021-31854
creationtimestamp| type| source ---|---|--- 2022-01-19 14:35:47+00:00| seen| https://t.me/cibsecurity/35820 2022-01-21 15:47:53+00:00| seen| https://t.me/truesecator/2545 2022-01-24 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=726...
CVE-2021-31854
A command Injection Vulnerability in McAfee Agent MA for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the...
CVE-2021-31854
CVE-2021-31854 : McAfee Agent for Windows versions prior to 5.7.5 is affected by a command-injection vulnerability in the file cleanup.exe invoked via the Agent deployment feature in the System Tree. An attacker could place a malicious cleanup.exe in the relevant folder to achieve a reverse shell...
CVE-2021-31854 Code injection vulnerability in McAfee Agent
A command Injection Vulnerability in McAfee Agent MA for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the...