cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-40352,https://securityvulnerability.io/vulnerability/CVE-2023-40352,Privilege Escalation in McAfee Safe Connect by Loading Arbitrary DLLs,"McAfee Safe Connect, specifically versions before 2.16.1.126, is susceptible to a vulnerability that enables an adversary with system privileges to perform privilege escalation. This is achieved by exploiting the ability to load arbitrary DLLs, which poses a significant security risk allowing malicious actors to execute unauthorized commands or gain higher access rights within the system.",Mcafee,Safe Connect,7.2,HIGH,0.0009800000116229057,false,,false,false,false,,,false,false,,2023-08-21T00:00:00.000Z,0
CVE-2022-43751,https://securityvulnerability.io/vulnerability/CVE-2022-43751,Uncontrolled Search Path Element Vulnerability in McAfee Total Protection,"The vulnerability in McAfee Total Protection stems from an uncontrolled search path element, which allows an unprivileged user to manipulate a variable pointing to a subdirectory. This critical flaw can be exploited to execute arbitrary code with system privileges, posing significant risks to the integrity and security of the system.",Mcafee,Total Protection,7.8,HIGH,0.0007600000244565308,false,,false,false,false,,,false,false,,2022-11-23T00:15:00.000Z,0
CVE-2022-37025,https://securityvulnerability.io/vulnerability/CVE-2022-37025,Improper Privilege Management in McAfee Security Scan Plus,"An improper privilege management issue in McAfee Security Scan Plus prior to version 4.1.262.1 allows local users to alter configuration files, potentially enabling them to execute malicious code through Living off the Land (LOLBin) attacks. Due to the absence of integrity checks on the configuration files, unauthorized users may escalate their privileges, thereby compromising system security.",Mcafee,Security Scan Plus,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-08-18T12:23:57.000Z,0
CVE-2022-1823,https://securityvulnerability.io/vulnerability/CVE-2022-1823,McAfee MCPR privilege escalation,"Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code, through not correctly checking the integrity of the configuration file.","Mcafee,llc",Mcafee Consumer Product Removal Tool,7.9,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-06-20T10:15:22.000Z,0
CVE-2022-1824,https://securityvulnerability.io/vulnerability/CVE-2022-1824,McAfee MCPR privilege escalation,An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary code as there were insufficient checks on the executable being signed by McAfee.,"Mcafee,llc",Mcafee Consumer Product Removal Tool,7.9,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-06-20T10:15:16.000Z,0
CVE-2022-1258,https://securityvulnerability.io/vulnerability/CVE-2022-1258,SQL injection vulnerability in McAfee Agent's ePO extension,"A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server.","McAfee,LLC",McAfee Agent ePO extension,7.2,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2022-04-14T13:50:12.000Z,0
CVE-2022-1256,https://securityvulnerability.io/vulnerability/CVE-2022-1256,Improper Privilege Management in McAfee Agent for Windows,A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges through manipulation of symbolic links.,"Mcafee,llc",Mcafee Agent For Windows,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-04-14T13:45:17.000Z,0
CVE-2022-0280,https://securityvulnerability.io/vulnerability/CVE-2022-0280,McAfee Total Protection (MTP) - File Deletion vulnerability,A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.,McAfee,McAfee Total Protection for Windows,7,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2022-03-10T22:35:09.000Z,0
CVE-2021-4088,https://securityvulnerability.io/vulnerability/CVE-2021-4088,Blind SQL injection in DLP ePO extension,"SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server with privilege escalation.","Mcafee,llc",Mcafee Data Loss Prevention (dlp) Epo Extension,8.4,HIGH,0.0008200000156648457,false,,false,false,false,,,false,false,,2022-01-24T16:00:14.000Z,0
CVE-2022-0166,https://securityvulnerability.io/vulnerability/CVE-2022-0166,Privilege escalation vulnerability in McAfee Agent,A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary code with SYSTEM privileges by creating the appropriate pathway to the specifically created malicious openssl.cnf file.,"McAfee,LLC",McAfee Agent for Windows,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-01-19T11:05:11.000Z,0
CVE-2021-31854,https://securityvulnerability.io/vulnerability/CVE-2021-31854,Code injection vulnerability in McAfee Agent,"A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree. An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privilege escalation to obtain root privileges.

","Mcafee,llc",Mcafee Agent For Windows,7.7,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2022-01-19T11:00:16.000Z,0
CVE-2022-0129,https://securityvulnerability.io/vulnerability/CVE-2022-0129,DLL Highjack vulnerability in McAfee TechCheck utility,Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.,"Mcafee,llc",Mcafee Techcheck,7.4,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-01-11T17:10:10.000Z,0
CVE-2021-31833,https://securityvulnerability.io/vulnerability/CVE-2021-31833,Security Bypass Vulnerability in McAfee Application and Change Control,"A security bypass vulnerability exists in McAfee Application and Change Control (MACC) which may allow a locally logged-in attacker to circumvent built-in application solidification protections. This could enable the attacker to execute applications that MACC normally prevents. The attack necessitates the renaming of a specified binary to match the name of a configured updater and entails a specific sequence of manipulations to successfully execute the renamed binary, thereby undermining the integrity of the application control mechanisms.","Mcafee,llc",Mcafee Application And Change Control (macc),7.1,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-01-04T09:45:12.000Z,0
CVE-2021-31853,https://securityvulnerability.io/vulnerability/CVE-2021-31853,MDE DLL Search Order Hijacking vulnerability,DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (MDE) prior to 7.3.0 HF2 (7.3.0.183) allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder.,"Mcafee,llc",Mcafee Drive Encryption (mde),7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-11-10T09:00:13.000Z,0
CVE-2021-31848,https://securityvulnerability.io/vulnerability/CVE-2021-31848,Data Loss Prevention (DLP) ePO extension - Cross site scripting (XSS),Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the case management part of the DLP ePO extension.,Mcafee,Data Loss Prevention (dlp) Epo Extension,8.4,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2021-11-01T19:25:19.000Z,0
CVE-2021-31849,https://securityvulnerability.io/vulnerability/CVE-2021-31849,Data Loss Prevention (DLP) ePO extension - SQL injection,SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.,Mcafee,Data Loss Prevention (dlp) Epo Extension,8.4,HIGH,0.0008299999753944576,false,,false,false,false,,,false,false,,2021-11-01T19:25:13.000Z,0
CVE-2021-23893,https://securityvulnerability.io/vulnerability/CVE-2021-23893,Privilege Escalation vulnerability in McAfee Drive Encryption (MDE),Privilege Escalation vulnerability in a Windows system driver of McAfee Drive Encryption (DE) prior to 7.3.0 could allow a local non-admin user to gain elevated system privileges via exploiting an unutilized memory buffer.,"Mcafee,llc",Mcafee Drive Encryption (mde),8.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-10-01T09:25:11.000Z,0
CVE-2021-31847,https://securityvulnerability.io/vulnerability/CVE-2021-31847,Improper privilege management in repair process of MA for Windows,"Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature.","Mcafee,llc",Mcafee Agent For Windows,8.2,HIGH,0.0008500000112690032,false,,false,false,false,,,false,false,,2021-09-22T13:25:18.000Z,0
CVE-2021-31841,https://securityvulnerability.io/vulnerability/CVE-2021-31841,DLL side loading vulnerability in MA for Windows,"A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute arbitrary code as the system user, through not checking the DLL signature.","Mcafee,llc",Mcafee Agent For Windows,8.2,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-09-22T13:25:11.000Z,0
CVE-2021-31844,https://securityvulnerability.io/vulnerability/CVE-2021-31844,Local Privilege Escalation in McAfee DLP Endpoint for Windows,A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.,"Mcafee,llc",Mcafee Data Loss Prevention (dlp) Endpoint For Windows,8.2,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2021-09-17T13:45:18.000Z,0
CVE-2021-31845,https://securityvulnerability.io/vulnerability/CVE-2021-31845,Remote Code Execution in McAfee DLP Discover,"A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover prior to 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro (.sam) files onto a machine and having DLP Discover scan it, leading to remote code execution with elevated privileges. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.","Mcafee,llc",Mcafee Data Loss Prevention (dlp) Discover,8.4,HIGH,0.0008399999933317304,false,,false,false,false,,,false,false,,2021-09-17T13:45:12.000Z,0
CVE-2021-31843,https://securityvulnerability.io/vulnerability/CVE-2021-31843,Improper access control vulnerability in McAfee ENS for Windows,"Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.

","Mcafee,llc",Mcafee Endpoint Security (ens) For Windows,7.3,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-09-17T13:40:12.000Z,0
CVE-2021-31838,https://securityvulnerability.io/vulnerability/CVE-2021-31838,Command injection through environment variable in MVISION EDR,"A command injection vulnerability in MVISION EDR (MVEDR) prior to 3.4.0 allows an authenticated MVEDR administrator to trigger the EDR client to execute arbitrary commands through PowerShell using the EDR functionality 'execute reaction'.

","Mcafee,llc",Mvision Edr,8.4,HIGH,0.0023799999617040157,false,,false,false,false,,,false,false,,2021-06-29T09:45:11.000Z,0
CVE-2021-31840,https://securityvulnerability.io/vulnerability/CVE-2021-31840,DLL preload vulnerability in McAfee Agent for Windows,"A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. This would result in the user gaining elevated permissions and being able to execute arbitrary code.","Mcafee,llc",Mcafee Agent For Windows,7.3,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-06-10T16:20:12.000Z,0
CVE-2021-31837,https://securityvulnerability.io/vulnerability/CVE-2021-31837,Out of bounds write vulnerability in McAfee GetSusp,"Memory corruption vulnerability in the driver file component in McAfee GetSusp prior to 4.0.0 could allow a program being investigated on the local machine to trigger a buffer overflow in GetSusp, leading to the execution of arbitrary code, potentially triggering a BSOD.","Mcafee,llc",Mcafee Getsusp,8.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-09T13:45:12.000Z,0