A Cross Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new user with administrator privileges to the ePO server. This impacts the dashboard area of the user interface. To exploit this the attacker must change the HTTP payload post submission, prior to it reaching the ePO server.
Source: Trellix
Max CVSS
8.0
EPSS Score
0.06%
Published
2023-11-17
Updated
2023-11-29
A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed.
Source: McAfee (DEFUNCT)
Max CVSS
8.2
EPSS Score
0.04%
Published
2022-07-27
Updated
2022-08-02
An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary code as there were insufficient checks on the executable being signed by McAfee.
Source: Trellix
Max CVSS
8.2
EPSS Score
0.04%
Published
2022-06-20
Updated
2023-11-15
A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server.
Source: Trellix
Max CVSS
8.4
EPSS Score
0.10%
Published
2022-04-14
Updated
2023-11-15
SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.
Source: Trellix
Max CVSS
8.4
EPSS Score
0.08%
Published
2021-11-01
Updated
2023-11-15
Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the case management part of the DLP ePO extension.
Source: Trellix
Max CVSS
8.4
EPSS Score
0.08%
Published
2021-11-01
Updated
2023-11-16
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature.
Source: Trellix
Max CVSS
8.2
EPSS Score
0.09%
Published
2021-09-22
Updated
2023-11-15
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover prior to 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro (.sam) files onto a machine and having DLP Discover scan it, leading to remote code execution with elevated privileges. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.
Source: Trellix
Max CVSS
8.4
EPSS Score
0.08%
Published
2021-09-17
Updated
2023-11-15
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.
Source: Trellix
Max CVSS
8.2
EPSS Score
0.06%
Published
2021-09-17
Updated
2023-11-15
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute arbitrary code as the system user, through not checking the DLL signature.
Source: Trellix
Max CVSS
8.2
EPSS Score
0.04%
Published
2021-09-22
Updated
2023-11-15
Memory corruption vulnerability in the driver file component in McAfee GetSusp prior to 4.0.0 could allow a program being investigated on the local machine to trigger a buffer overflow in GetSusp, leading to the execution of arbitrary code, potentially triggering a BSOD.
Source: Trellix
Max CVSS
8.8
EPSS Score
0.04%
Published
2021-06-09
Updated
2023-11-15
Privilege Escalation vulnerability in a Windows system driver of McAfee Drive Encryption (DE) prior to 7.3.0 could allow a local non-admin user to gain elevated system privileges via exploiting an unutilized memory buffer.
Source: McAfee (DEFUNCT)
Max CVSS
8.8
EPSS Score
0.04%
Published
2021-10-01
Updated
2021-10-07
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrary code through insecure use of predictable temporary file locations.
Source: McAfee (DEFUNCT)
Max CVSS
8.2
EPSS Score
0.04%
Published
2021-05-12
Updated
2023-02-11
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.
Source: Trellix
Max CVSS
8.2
EPSS Score
0.04%
Published
2021-02-10
Updated
2023-11-16

CVE-2021-23874

Known exploited
Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense.
Source: McAfee (DEFUNCT)
Max CVSS
8.2
EPSS Score
0.11%
Published
2021-02-10
Updated
2023-06-30
CISA KEV Added
2021-11-03
SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server with privilege escalation.
Source: Trellix
Max CVSS
8.4
EPSS Score
0.08%
Published
2022-01-24
Updated
2023-11-15
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a web-based management user to follow a specially crafted link. A successful exploit could allow the attacker to perform arbitrary actions on the device with the privileges of the authenticated user. These actions include modifying the device configuration, disconnecting the user's session, and executing Command Runner commands.
Source: Cisco Systems, Inc.
Max CVSS
8.8
EPSS Score
0.08%
Published
2021-01-20
Updated
2022-07-01
Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further controls for installation/uninstallation of software.
Source: McAfee (DEFUNCT)
Max CVSS
8.2
EPSS Score
0.04%
Published
2020-10-15
Updated
2020-10-21
Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.
Source: Trellix
Max CVSS
8.8
EPSS Score
0.09%
Published
2020-11-12
Updated
2023-11-16
Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables
Source: McAfee (DEFUNCT)
Max CVSS
8.8
EPSS Score
0.04%
Published
2020-10-14
Updated
2020-10-27
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.
Source: McAfee (DEFUNCT)
Max CVSS
8.8
EPSS Score
0.04%
Published
2020-09-09
Updated
2022-01-01
Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6 allows local users to run commands as root via incorrectly applied permissions on temporary files.
Source: McAfee (DEFUNCT)
Max CVSS
8.2
EPSS Score
0.04%
Published
2020-09-10
Updated
2022-06-01
Unexpected behavior violation in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to turn off real time scanning via a specially crafted object making a specific function call.
Source: McAfee (DEFUNCT)
Max CVSS
8.4
EPSS Score
0.04%
Published
2020-08-05
Updated
2021-07-21
Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface (CLI).
Source: McAfee (DEFUNCT)
Max CVSS
8.6
EPSS Score
0.04%
Published
2020-07-03
Updated
2021-10-19
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine.
Source: McAfee (DEFUNCT)
Max CVSS
8.8
EPSS Score
0.04%
Published
2020-07-03
Updated
2020-07-13
69 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!