CVE-2021-31854

CWE-78 — OS Command Injection CWE-77 — Command Injection3 documents3 sources

Severity

7.8HIGH

EPSS

0.3%

top 44.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee,llc Mcafee Agent FOR Windows Mcafee Agent

Timeline

PublishedJan 19

Latest updateJan 20

Description

A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree. An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privilege escalation to obtain root privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:HExploitability: 1.1 | Impact: 6.0

Affected Packages2 packages

▶CVEListV5mcafee,llc/mcafee_agent_for_windowsunspecified — 5.7.5

▶NVDmcafee/agent< 5.7.5

🔴Vulnerability Details

GHSA

GHSA-5jww-7299-jr22: A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5↗2022-01-20

▶

CVEList

Code injection vulnerability in McAfee Agent↗2022-01-19

▶