Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.8 views

CVE-2022-0166

A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary cod...

7.8CVSS7.4AI score0.02969EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/01/26 12:0 a.m.104 views

McAfee Agent < 5.7.5 Multiple Vulnerabilities (SB10378)

The version of McAfee Agent, formerly McAfee ePolicy Orchestrator ePO Agent, installed on the remote host is prior to 5.7.5. It is, therefore, affected by the following vulnerabilities: - A command Injection Vulnerability in McAfee Agent MA for Windows prior to 5.7.5 allows local users to inject...

9.3CVSS7.7AI score0.02969EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2022/01/21 5:13 p.m.55 views

McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges

McAfee has patched two high-severity vulnerabilities in a component of its McAfee Enterprise product that attackers can use to escalate privileges, including up to SYSTEM. According to McAfee’s bulletin, the bugs are in versions prior to 5.7.5 of McAfee Agent, which is used in McAfee Endpoint...

9.3CVSS7.8AI score0.02969EPSS
Exploits0References10
CISA
CISA
added 2022/01/21 12:0 a.m.39 views

McAfee Releases Security Update for McAfee Agent for Windows 

McAfee has released McAfee Agent for Windows version 5.7.5, which addresses vulnerabilities CVE-2021-31854 and CVE-2022-0166. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review McAfee Security Bulletin SB10378...

9.3CVSS7.2AI score0.02969EPSS
Exploits0References2
CERT
CERT
added 2022/01/20 12:0 a.m.35 views

McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location

Overview McAfee Agent contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user may be able to place files. Description CVE-2022-0166 McAfee Agent, which comes with various McAfee products such as McAfee...

7.8CVSS7.9AI score0.02969EPSS
Exploits0References2
NVD
NVD
added 2022/01/19 11:15 a.m.25 views

CVE-2022-0166

A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary cod...

7.8CVSS0.02969EPSS
Exploits0References2
CVE
CVE
added 2022/01/19 11:5 a.m.89 views

CVE-2022-0166

CVE-2022-0166 affects McAfee Agent prior to 5.7.5. The issue arises from using an OpenSSL OPENSSLDIR location as a subdirectory within the installation directory, allowing a low-privilege Windows user to place a crafted openssl.cnf in an accessible path and execute arbitrary code with SYSTEM priv...

7.8CVSS7.8AI score0.02969EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/01/19 11:5 a.m.34 views

CVE-2022-0166 Privilege escalation vulnerability in McAfee Agent

A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary cod...

7.8CVSS8.1AI score0.02969EPSS
Exploits0References2
Rows per page
Query Builder