Unrated severityNVD Advisory· Published Sep 22, 2021· Updated Aug 3, 2024
Improper privilege management in repair process of MA for Windows
CVE-2021-31847
Description
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <5.7.4
- Range: unspecified
Patches
Vulnerability mechanics
References
2- kc.mcafee.com/corporate/indexmitrex_refsource_CONFIRM
- www.zerodayinitiative.com/advisories/ZDI-21-1104/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.