CVE-2021-31854

A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree. An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privilege escalation to obtain root privileges.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:agent:*:*:*:*:*:windows:*:*

History

07 Nov 2023, 03:35

Type Values Removed Values Added
CWE CWE-78
Summary A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree. An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privilege escalation to obtain root privileges. A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree. An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privilege escalation to obtain root privileges.
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10378 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10378 -

04 Aug 2022, 15:39

Type Values Removed Values Added
CWE CWE-77 CWE-78

25 Jan 2022, 20:06

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 9.3
v3 : 7.8
CWE CWE-77
CPE cpe:2.3:a:mcafee:agent:*:*:*:*:*:windows:*:*
First Time Mcafee agent
Mcafee
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10378 - (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10378 - Vendor Advisory

19 Jan 2022, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-01-19 11:15

Updated : 2023-12-10 14:09


NVD link : CVE-2021-31854

Mitre link : CVE-2021-31854

CVE.ORG link : CVE-2021-31854


JSON object : View

Products Affected

mcafee

  • agent
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')