CVE-2019-1559

OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...

CVE-2022-2313

CVE-2022-2313 is a DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7. An attacker can place a malicious DLL in the installer’s directory to achieve local code execution and privilege escalation. A fix is to update to version 5.7.7 or later; as a temporary workaround...

CVE-2022-1258

McAfee Agent (MA) ePolicy Orchestrator (ePO) extension vulnerable before 5.7.6 due to a blind SQL injection in the back-end database. An authenticated ePO administrator can perform arbitrary SQL queries, potentially enabling server command execution. Affected: MA/ePO extension prior to 5.7.6. Roo...

CVE-2022-1256

CVE-2022-1256 affects McAfee Agent (Windows) prior to version 5.7.6. The vulnerability is a local privilege escalation: a low-privileged user can gain SYSTEM by executing the repair functionality, which performs temporary file actions in the user’s %TEMP% directory with System privileges through ...

CVE-2021-31854

CVE-2021-31854 : McAfee Agent for Windows versions prior to 5.7.5 is affected by a command-injection vulnerability in the file cleanup.exe invoked via the Agent deployment feature in the System Tree. An attacker could place a malicious cleanup.exe in the relevant folder to achieve a reverse shell...

CVE-2022-1257

Summary of CVE-2022-1257 in McAfee Agent (Tre llix Agent) : The vulnerability affects MA for Linux, macOS, and Windows prior to version 5.7.6, where sensitive data could be exposed through the ma.db storage. The root cause is insecure storage of credentials in ma.db, with sensitive information mo...

CVE-2021-1257

CVE-2021-1257 affects Cisco DNA Center (web-based management interface) with CSRF in versions prior to 2.1.2.0. An unauthenticated, remote attacker can lure a logged-in user to a crafted link, causing actions on the device with the user’s privileges, including modifying configuration, disconnecti...

CVE-2022-0166

CVE-2022-0166 affects McAfee Agent prior to 5.7.5. The issue arises from using an OpenSSL OPENSSLDIR location as a subdirectory within the installation directory, allowing a low-privilege Windows user to place a crafted openssl.cnf in an accessible path and execute arbitrary code with SYSTEM priv...

CVE-2021-31839

CVE-2021-31839 affects McAfee Agent for Windows prior to 5.7.3. The issue is an improper privilege management that lets a local user modify the MA event folder, enabling adding false events or removing events from logs before they are sent to the ePO server. Impact is limited to local privilege e...

CVE-2019-3592

CVE-2019-3592 affects McAfee Agent (MA) prior to 5.6.1 HF3. A local administrator can escalate privileges by manipulating MA directory permissions and placing a crafted file in the MA directory to potentially disable some McAfee processes. Affected versions are MA before 5.6.1 HF3 (and related en...

CVE-2021-31847

The CVE-2021-31847 issue affects McAfee Agent for Windows prior to 5.7.4. It is an improper access control flaw in the repair process that could let a local attacker perform a DLL preloading attack using unsigned DLLs. This stems from not properly protecting a temporary directory used during repa...

CVE-2018-6703

CVE-2018-6703 describes a use-after-free vulnerability in the remote logging feature of McAfee Agent (MA) 5.x, prior to 5.6.0. The issue allows unauthenticated remote attackers to trigger a denial of service and potentially remote code execution by sending specially crafted HTTP headers to the lo...

CVE-2020-7343

CVE-2020-7343 describes a Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1. Local users can block McAfee product updates by manipulating a directory MA uses for temporary files, causing the product to continue operating with-out-of-date detection files. Public r...

CVE-2008-1357

CVE-2008-1357 affects McAfee CMA 3.6.0.574 (Patch 3) and earlier, used with ePolicy Orchestrator 4.0.0 build 1015. The vulnerability is in the logDetail function of applib.dll and stems from a format string issue in the UDP AgentWakeup handling (port 8082) that can leak into the format string spe...

CVE-2013-3627

CVE-2013-3627 affects the McAfee Managed Agent: the FrameworkService.exe HTTP server on the default TCP port 8081 can be remotely crashed by a malformed HTTP request. Impacted versions are MA 4.5.0.1817 and earlier (up to 4.5.0.1927) and 4.6 prior to 4.6.0.3258; later versions (4.8 RTW and newer)...

CVE-2016-3984

CVE-2016-3984 affects McAfee VirusScan Console and multiple McAfee components (MAR, MA, DXL, DLPe, MDC, ENS, IPS, VSE) on Windows. Local administrators can bypass self-protection rules and disable the antivirus engine by modifying registry keys. Impact: partial to full antivirus disablement; CVSS...

CVE-2019-3613

The CVE-2019-3613 entry concerns McAfee Agent (MA) prior to 5.6.4. The vulnerability is a DLL Search Order Hijacking flaw that allows a local attacker to execute arbitrary code by running from a compromised folder. Affected versions are MA before 5.6.4; impact is local code execution with partial...

CVE-2020-7253

The CVE-2020-7253 issue affects McAfee Agent (MA) client components, specifically masvc.exe, prior to version 5.6.4. The root cause is improper access control that allows local users with administrator privileges to disable self-protection via a McAfee-supplied command-line utility. Impact descri...

CVE-2018-6704

The vulnerability CVE-2018-6704 affects McAfee Agent for Linux 5.0.0–5.0.6, 5.5.0, and 5.5.1. Root cause: errors in handling temporary files enabling a local attacker to perform arbitrary command execution (privilege escalation). Impact: local privilege escalation with arbitrary commands; affecte...

CVE-2018-6705

CVE-2018-6705 concerns McAfee Agent for Linux with versions 5.0.0–5.0.6, 5.5.0, and 5.5.1. The issue is insufficient access control in the client component, enabling local attackers to escalate privileges and execute arbitrary commands. Remediation: upgrade to a non-affected version outside these...

CVE-2019-3598

CVE-2019-3598 affects McAfee Agent (MA) 5.x where a bug in how UDP requests are processed leads to a denial of service when handling specially crafted UDP packets. The vulnerability allows remote, unauthenticated attackers to potentially cause the MA service to stop responding, reducing availabil...

CVE-2015-8987

McAfee Agent (MA) for non-Mac OS, version 4.8.0 patch 2 and earlier, is affected by a MitM vulnerability that lets an attacker cause a MA instance to communicate with a rogue ePO server via migration to another ePO server. The OpenVAS entry and NVD record corroborate the MITM impact but do not pr...

CVE-2018-6706

CVE-2018-6706 affects McAfee Agent (non-Windows) on Linux, with insecure handling of temporary files during installation. Affected versions are 5.0.0–5.0.6 and 5.5.0–5.5.1. The vulnerability permits an unprivileged user to introduce custom paths during agent installation via unspecified vectors, ...

CVE-2018-6707

CVE-2018-6707 (McAfee Agent, non-Windows MA) affects 5.0.0–5.0.6, 5.5.0, and 5.5.1. The vulnerability is a Denial of Service through Resource Depletion in the agent, with local attackers able to induce DoS, cause unexpected behavior, or potentially execute code by abusing the internal trust mecha...

CVE-2019-3599

CVE-2019-3599 describes an information-disclosure vulnerability in the remote-logging feature of McAfee Agent (MA) 5.x, where an unauthenticated, remote user could access sensitive information if remote logging is enabled. Public entries consistently identify the affected component as MA 5.x with...