cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-1256,https://securityvulnerability.io/vulnerability/CVE-2022-1256,Improper Privilege Management in McAfee Agent for Windows,A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges through manipulation of symbolic links.,"Mcafee,llc",Mcafee Agent For Windows,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-04-14T13:45:17.000Z,0
CVE-2022-0280,https://securityvulnerability.io/vulnerability/CVE-2022-0280,McAfee Total Protection (MTP) - File Deletion vulnerability,A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.,McAfee,McAfee Total Protection for Windows,7,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2022-03-10T22:35:09.000Z,0
CVE-2022-0166,https://securityvulnerability.io/vulnerability/CVE-2022-0166,Privilege escalation vulnerability in McAfee Agent,A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary code with SYSTEM privileges by creating the appropriate pathway to the specifically created malicious openssl.cnf file.,"McAfee,LLC",McAfee Agent for Windows,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-01-19T11:05:11.000Z,0
CVE-2021-31854,https://securityvulnerability.io/vulnerability/CVE-2021-31854,Code injection vulnerability in McAfee Agent,"A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree. An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privilege escalation to obtain root privileges.

","Mcafee,llc",Mcafee Agent For Windows,7.7,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2022-01-19T11:00:16.000Z,0
CVE-2021-31836,https://securityvulnerability.io/vulnerability/CVE-2021-31836,Improper Privilege Management in MA for Windows,Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user.,"Mcafee,llc",Mcafee Agent For Windows,5.6,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-09-22T13:30:14.000Z,0
CVE-2021-31847,https://securityvulnerability.io/vulnerability/CVE-2021-31847,Improper privilege management in repair process of MA for Windows,"Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature.","Mcafee,llc",Mcafee Agent For Windows,8.2,HIGH,0.0008500000112690032,false,,false,false,false,,,false,false,,2021-09-22T13:25:18.000Z,0
CVE-2021-31841,https://securityvulnerability.io/vulnerability/CVE-2021-31841,DLL side loading vulnerability in MA for Windows,"A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute arbitrary code as the system user, through not checking the DLL signature.","Mcafee,llc",Mcafee Agent For Windows,8.2,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-09-22T13:25:11.000Z,0
CVE-2021-31844,https://securityvulnerability.io/vulnerability/CVE-2021-31844,Local Privilege Escalation in McAfee DLP Endpoint for Windows,A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.,"Mcafee,llc",Mcafee Data Loss Prevention (dlp) Endpoint For Windows,8.2,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2021-09-17T13:45:18.000Z,0
CVE-2021-31843,https://securityvulnerability.io/vulnerability/CVE-2021-31843,Improper access control vulnerability in McAfee ENS for Windows,"Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.

","Mcafee,llc",Mcafee Endpoint Security (ens) For Windows,7.3,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-09-17T13:40:12.000Z,0
CVE-2021-31842,https://securityvulnerability.io/vulnerability/CVE-2021-31842,XML Entity Expansion Injection Vulnerability in McAfee Endpoint Security for Windows,"An XML Entity Expansion injection vulnerability exists in McAfee Endpoint Security for Windows prior to the 10.7.0 September 2021 Update. This vulnerability allows a local user to manipulate the EPDeploy.xml configuration file, potentially leading to excessive CPU and memory utilization. This results in a Denial of Service condition during the execution of the setup process, which may disrupt service availability and impact user operations.","Mcafee,llc",Mcafee Endpoint Security (ens) For Windows,5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-09-17T13:35:12.000Z,0
CVE-2021-31840,https://securityvulnerability.io/vulnerability/CVE-2021-31840,DLL preload vulnerability in McAfee Agent for Windows,"A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. This would result in the user gaining elevated permissions and being able to execute arbitrary code.","Mcafee,llc",Mcafee Agent For Windows,7.3,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-06-10T16:20:12.000Z,0
CVE-2021-31839,https://securityvulnerability.io/vulnerability/CVE-2021-31839,Incorrect permissions on McAfee Agent for Windows event folder,Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the event logs prior to them being sent to the ePO server.,"Mcafee,llc",Mcafee Agent For Windows,4.8,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-06-10T16:15:13.000Z,0
CVE-2021-31832,https://securityvulnerability.io/vulnerability/CVE-2021-31832,Cross site scripting vulnerability in DLP Endpoint for Windows,Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed when an end user triggers a DLP policy on their machine.,"Mcafee,llc",Mcafee Data Loss Prevention (dlp) Endpoint For Windows,5.2,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2021-06-09T13:45:17.000Z,0
CVE-2021-23887,https://securityvulnerability.io/vulnerability/CVE-2021-23887,Privilege escalation in McAfee DLP Endpoint for Windows,"Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver.","Mcafee,llc",Mcafee Data Loss Prevention (dlp) Endpoint For Windows,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-15T07:55:15.000Z,0
CVE-2021-23886,https://securityvulnerability.io/vulnerability/CVE-2021-23886,Local Denial of Service in McAfee DLP Endpoint for Windows,"Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory.","Mcafee,llc",Mcafee Data Loss Prevention (dlp) Endpoint For Windows,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-15T07:50:15.000Z,0
CVE-2020-7308,https://securityvulnerability.io/vulnerability/CVE-2020-7308,Transmission of data in clear text by McAfee ENS,"Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the network DNS configuration, it is possible for an attacker to intercept requests and send their own responses.","Mcafee,llc",Mcafee Endpoint Security (ens) For Windows,4.8,MEDIUM,0.001339999958872795,false,,false,false,false,,,false,false,,2021-04-15T07:40:19.000Z,0
CVE-2020-7346,https://securityvulnerability.io/vulnerability/CVE-2020-7346,Privilege escalation in McAfee DLP Endpoint for Windows,"Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time.

","Mcafee,llc",Mcafee Data Loss Prevention (dlp) Endpoint For Windows,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-03-23T16:05:23.000Z,0
CVE-2021-23883,https://securityvulnerability.io/vulnerability/CVE-2021-23883,Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS),A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update.,Mcafee Llc,Endpoint Security (ens) For Windows,4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-02-10T00:00:00.000Z,0
CVE-2021-23878,https://securityvulnerability.io/vulnerability/CVE-2021-23878,Clear text storage of sensitive Information in ENS,"Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To exploit this, the local user has to access the relevant memory location immediately after an ENS administrator has made a configuration change through the console on their machine",Mcafee Llc,Endpoint Security (ens) For Windows,7.3,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-02-10T00:00:00.000Z,0
CVE-2021-23880,https://securityvulnerability.io/vulnerability/CVE-2021-23880,Improper Access Control in the ENS installer,Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.,Mcafee Llc,Endpoint Security (ens) For Windows,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-02-10T00:00:00.000Z,0
CVE-2021-23881,https://securityvulnerability.io/vulnerability/CVE-2021-23881,Stored Cross Site Scripting in ENS,A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator user triggers the policy.,Mcafee Llc,Endpoint Security (ens) For Windows,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2021-02-10T00:00:00.000Z,0
CVE-2021-23882,https://securityvulnerability.io/vulnerability/CVE-2021-23882,Improper Access Control in the ENS installer,Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.,Mcafee Llc,Endpoint Security (ens) For Windows,8.2,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-02-10T00:00:00.000Z,0
CVE-2020-7333,https://securityvulnerability.io/vulnerability/CVE-2020-7333,Cross-site Scripting (XSS) in firewall ePO extension of McAfee Endpoint Security (ENS),Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.,"Mcafee, Llc",Endpoint Security For Windows,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-11-12T10:15:00.000Z,0
CVE-2020-7332,https://securityvulnerability.io/vulnerability/CVE-2020-7332,Cross-Site Request Forgery (CSRF) in firewall ePO extension of McAfee Endpoint Security (ENS),Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.,"Mcafee, Llc",Endpoint Security For Windows,7,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2020-11-11T00:00:00.000Z,0
CVE-2020-7315,https://securityvulnerability.io/vulnerability/CVE-2020-7315,DLL Injection vulnerability in MA for Windows,DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL.,Mcafee Llc,Ma For Windows,6,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-09-10T10:15:00.000Z,0