VYPR

McAfee Agent (MA) for Mac

by McAfee

CVEs (12)

  • CVE-2022-1256Apr 14, 2022
    risk 0.00cvss epss 0.00

    A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges…

  • CVE-2022-0166Jan 19, 2022
    risk 0.00cvss epss 0.03

    A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and…

  • CVE-2021-31854Jan 19, 2022
    risk 0.00cvss epss 0.01

    A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment…

  • CVE-2021-31836Sep 22, 2021
    risk 0.00cvss epss 0.00

    Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user.

  • CVE-2021-31847Sep 22, 2021
    risk 0.00cvss epss 0.00

    Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as…

  • CVE-2021-31841Sep 22, 2021
    risk 0.00cvss epss 0.00

    A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the…

  • CVE-2021-31840Jun 10, 2021
    risk 0.00cvss epss 0.00

    A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to…

  • CVE-2021-31839Jun 10, 2021
    risk 0.00cvss epss 0.00

    Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the event logs prior to them being sent to the…

  • CVE-2020-7314Sep 10, 2020
    risk 0.00cvss epss 0.00

    Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6 allows local users to run commands as root via incorrectly applied permissions on temporary files.

  • CVE-2018-6706Dec 12, 2018
    risk 0.00cvss epss 0.01

    Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.

  • CVE-2018-6705Dec 12, 2018
    risk 0.00cvss epss 0.00

    Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.

  • CVE-2018-6704Dec 12, 2018
    risk 0.00cvss epss 0.00

    Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.