cbcvebase.

Mcafee Agent vulnerabilities

25 known vulnerabilities affecting mcafee/agent.

Total CVEs
25
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH13MEDIUM10LOW1

Vulnerabilities

Page 2 of 2
CVE-2015-8987P4MEDIUMCVSS 5.3≤ 4.8.02017-03-14
CVE-2015-8987 [MEDIUM] CWE-284 CVE-2015-8987: Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Ag Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server.
nvd
CVE-2020-7343P4MEDIUMCVSS 5.5fixed in 5.7.12021-01-18
CVE-2020-7343 [MEDIUM] CWE-862 CVE-2020-7343: Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local use Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
nvd
CVE-2013-3627P4MEDIUMCVSS 5.0≥ 4.5.0, < 4.5.0.1927≥ 4.6.0, < 4.6.0.32582013-10-05
CVE-2013-3627 [MEDIUM] CWE-399 CVE-2013-3627: FrameworkService.exe in McAfee Framework Service in McAfee Managed Agent (MA) before 4.5.0.1927 and FrameworkService.exe in McAfee Framework Service in McAfee Managed Agent (MA) before 4.5.0.1927 and 4.6 before 4.6.0.3258 allows remote attackers to cause a denial of service (service crash) via a malformed HTTP request.
nvd
CVE-2020-7253P4MEDIUMCVSS 4.4≥ 5.5.0, < 5.5.4≥ 5.6.0, < 5.6.42020-03-12
CVE-2020-7253 [MEDIUM] CWE-284 CVE-2020-7253: Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privileges to disable self-protection via a McAfee supplied command-line utility.
nvd
CVE-2021-31839P4LOWCVSS 3.3≥ 5.0.0, < 5.7.32021-06-10
CVE-2021-31839 [LOW] CWE-269 CVE-2021-31839: Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a loca Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the event logs prior to them being sent to the ePO server.
nvd
Mcafee Agent vulnerabilities | cvebase