6 matches found
CVE-2021-31841
The CVE-2021-31841 entry affects McAfee Agent for Windows prior to 5.7.4. The vulnerability is a DLL sideloading flaw caused by not validating DLL signatures, allowing a local user to load an unsigned DLL from a specific location and gain elevated permissions to execute code as the SYSTEM account...
CVE-2021-31836
CVE-2021-31836: Improper privilege management in the maconfig utility of McAfee Agent for Windows (pre-5.7.4) allows local, low-privilege users to access sensitive information. Affected software is McAfee Agent for Windows; the issue arises from running maconfig from any location on the file syst...
CVE-2020-7311
Summary: CVE-2020-7311 is a privilege-escalation vulnerability affecting McAfee Agent (MA) for Windows, prior to version 5.6.6. The issue arises in the MA installer, where a local attacker can manipulate log files during installation to obtain SYSTEM-level rights. Affected component: McAfee Agent...
CVE-2020-7315
CVE-2020-7315 is a DLL-injection vulnerability in McAfee Agent (Windows) prior to version 5.6.6. The issue allows local attackers to execute arbitrary code by carefully placing a malicious DLL. Technical details from connected sources indicate the root cause involves improper filtering during con...
CVE-2020-7314
CVE-2020-7314 overview (supported by provided docs): The vulnerability affects the McAfee Data Exchange Layer (DXL) Client for macOS, shipped with McAfee Agent for Mac, prior to MA 5.6.6. It arises from incorrectly applied permissions on temporary files used by the installer, enabling a local use...
CVE-2020-7312
CVE-2020-7312 (McAfee Agent for Windows) is a DLL Search Order Hijacking vulnerability in the installer of McAfee Agent prior to version 5.6.6. The root cause is an insecure installer that allows local users to execute arbitrary code and escalate privileges by running from a compromised folder. T...