CVE-2021-31847 vulnerability in McAfee Products
Published on September 22, 2021
Improper privilege management in repair process of MA for Windows
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature.
Vulnerability Analysis
CVE-2021-31847 can be exploited with local system access, requires user interaction and a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Types
Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Improper Verification of Cryptographic Signature
The software does not verify, or incorrectly verifies, the cryptographic signature for data.
Products Associated with CVE-2021-31847
stack.watch emails you whenever new vulnerabilities are published in Mcafee Agent or McAfee Agent. Just hit a watch button to start following.
Affected Versions
McAfee,LLC McAfee Agent for Windows:- Version unspecified and below 5.7.4 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.