CySecurity News – Latest Information Security and Hacking Incidents
McAfee (now known as Trellix) has fixed two high-severity bugs present in McAfee Agent software for Windows allowing malicious actors to escalate privileges and implement arbitrary code with SYSTEM privileges.
Earlier this week, the firm released a security advisory highlighting two CVEs tracked as CVE-2022-0166 and CVE-2021-31854 impacting previous versions of the McAfee ePolicy Orchestrator (ePO). The company released an updated version of the Agent that effectively remediates the vulnerabilities, both of which received high severity ratings.
McAfee Agent is a client-side feature of McAfee ePolicy Orchestrator (McAfee ePO) that downloads and enforces endpoint policies and deploys antivirus signatures, upgrades, patches, and new products on enterprise endpoints.
The bug tracked as CVE-2021-31854 is a command Injection flaw in McAfee Agent (MA) for Windows prior to 5.7.5 allows threat actors to inject arbitrary shellcode into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree. An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: