Lucene search
K
McafeeMcafee Agent

10 matches found

CVE
CVE
added 2021/09/22 1:25 p.m.76 views

CVE-2021-31841

The CVE-2021-31841 entry affects McAfee Agent for Windows prior to 5.7.4. The vulnerability is a DLL sideloading flaw caused by not validating DLL signatures, allowing a local user to load an unsigned DLL from a specific location and gain elevated permissions to execute code as the SYSTEM account...

8.2CVSS7.8AI score0.00234EPSS
CVE
CVE
added 2015/02/23 5:0 p.m.68 views

CVE-2015-2053

The CVE-2015-2053 issue affects McAfee Agent log viewing: if the “Accept connections only from the ePO server” setting is disabled, remote attackers can perform a clickjacking attack via a crafted web page. Affected releases are MA 4.8.0 prior to Patch 3 and MA 5.0.0 prior to 5.0.1 (and related M...

4.3CVSS6.6AI score0.0146EPSS
CVE
CVE
added 2021/09/22 1:30 p.m.63 views

CVE-2021-31836

CVE-2021-31836: Improper privilege management in the maconfig utility of McAfee Agent for Windows (pre-5.7.4) allows local, low-privilege users to access sensitive information. Affected software is McAfee Agent for Windows; the issue arises from running maconfig from any location on the file syst...

7.1CVSS6.4AI score0.0019EPSS
CVE
CVE
added 2021/06/10 4:20 p.m.62 views

CVE-2021-31840

CVE-2021-31840 affects McAfee Agent for Windows prior to 5.7.3, where the DLL preloading mechanism allows a local, authenticated attacker to load unsigned DLLs, gain elevated privileges, and execute arbitrary code. The issue is tied to the preloading path of specific DLLs within McAfee Agent; Red...

7.3CVSS7.3AI score0.00348EPSS
CVE
CVE
added 2020/09/10 9:45 a.m.55 views

CVE-2020-7311

Summary: CVE-2020-7311 is a privilege-escalation vulnerability affecting McAfee Agent (MA) for Windows, prior to version 5.6.6. The issue arises in the MA installer, where a local attacker can manipulate log files during installation to obtain SYSTEM-level rights. Affected component: McAfee Agent...

7.8CVSS6.8AI score0.00279EPSS
CVE
CVE
added 2017/02/13 4:0 p.m.53 views

CVE-2017-3896

CVE-2017-3896 concerns McAfee Agent’s remote log viewer: an unvalidated parameter in the remote log viewing capability (in 5.0.x before 5.0.4.449) allows an unauthenticated, remote attacker to submit crafted URLs, triggering a denial-of-service. Connected sources corroborate the flaw and fix path...

5.9CVSS5.5AI score0.02474EPSS
CVE
CVE
added 2015/09/18 2:0 p.m.51 views

CVE-2015-7237

CVE-2015-7237 affects McAfee Agent (MA) 5.x prior to 5.0.2, where the remote log viewing feature is vulnerable to a directory traversal bug. The flaw could allow an attacker to obtain sensitive information via unspecified vectors in the remote logging UI/API. Affected component is the remote log ...

5CVSS6.3AI score0.02754EPSS
CVE
CVE
added 2020/09/10 9:55 a.m.51 views

CVE-2020-7315

CVE-2020-7315 is a DLL-injection vulnerability in McAfee Agent (Windows) prior to version 5.6.6. The issue allows local attackers to execute arbitrary code by carefully placing a malicious DLL. Technical details from connected sources indicate the root cause involves improper filtering during con...

6.7CVSS6.6AI score0.00467EPSS
CVE
CVE
added 2020/09/10 9:50 a.m.48 views

CVE-2020-7314

CVE-2020-7314 overview (supported by provided docs): The vulnerability affects the McAfee Data Exchange Layer (DXL) Client for macOS, shipped with McAfee Agent for Mac, prior to MA 5.6.6. It arises from incorrectly applied permissions on temporary files used by the installer, enabling a local use...

8.2CVSS7.8AI score0.00355EPSS
CVE
CVE
added 2020/09/10 9:45 a.m.46 views

CVE-2020-7312

CVE-2020-7312 (McAfee Agent for Windows) is a DLL Search Order Hijacking vulnerability in the installer of McAfee Agent prior to version 5.6.6. The root cause is an insecure installer that allows local users to execute arbitrary code and escalate privileges by running from a compromised folder. T...

7.8CVSS8AI score0.00348EPSS