Unrated severityNVD Advisory· Published Jan 19, 2022· Updated Aug 2, 2024
Privilege escalation vulnerability in McAfee Agent
CVE-2022-0166
Description
A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary code with SYSTEM privileges by creating the appropriate pathway to the specifically created malicious openssl.cnf file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
2- www.kb.cert.org/vuls/id/287178mitrethird-party-advisoryx_refsource_CERT-VN
- kc.mcafee.com/corporate/indexmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.