In brief: McAfee Agent, a component of the company’s ePolicy Orchestrator (ePO), is deployed to client machines to report data, status, and enforce policies. Earlier this week, the company released a security bulletin highlighting two CVEs affecting previous versions of the ePO Agent deployed to support ePO efforts. The company released an updated version of the Agent that effectively remediates the vulnerabilities, both of which received high severity ratings.
The bulletin identified CVE-2021-31854 and CVE-2022-0166, two high severity attack vectors that can leave any asset with McAfee ePO Agents deployed vulnerable to attack. Per the McAfee’s guidance, any implementations with Agents earlier than version 5.7.5 deployed should update the Agent or risk further exposure.
The security brief provides a detailed explanation of each CVE and cross-references the exploits against MITRE and National Institute of Standards and Technology (NIST) CVE reports.
- CVE-2021-31854—A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree. An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privilege escalation to obtain root privileges.
- CVE-2022-0166—A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary code with SYSTEM privileges by creating the appropriate pathway to the specifically created malicious openssl.cnf file.
McAfee has made Agent version 5.7.5 available to users and administrators tasked with remediating the vulnerabilities. The bulletin provides users of McAfee endpoint and ePO/server products with specific steps to determine whether or not their ePO and Agent implementation is vulnerable. Once deployed, any client machine with the Agent installed will no longer be susceptible to the identified exploits.
McAfee ePO is an administrative tool used to centralize the management of any endpoints (PCs, printers, other peripherals) on a user’s network. It provides administrators with the ability to centrally track and monitor various system data, events, and policies across all eligible endpoints within their environment.
Image credit: Pixelcreatures
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
Kilner Vintage Glass Butter Churn; Delicious Homemade Butter in as Little as Ten Minutes; Large 34-Fluid Ounce Capacity Butter Churner, 1 EA
$67.36 (as of January 23, 2025 19:24 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Sleek Socket Original & Patented Ultra-Thin Outlet Concealer with Cord Concealer Kit, Flat Extension Cord with Multi Outlets Power Strip, Ideal for Home Improvement, Hide Bulky and Messy Cords
$23.95 (as of January 23, 2025 19:24 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
P&J Trading Fragrance Oil | Amber Oil 100ml - Candle Scents for Candle Making, Freshie Scents, Soap Making Supplies, Diffuser Oil Scents
$18.95 (as of January 23, 2025 19:24 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
65W Surface Pro Laptop Charger for Microsoft Surface Pro 10, 9, 8, 7+, 7, 6, 5, 4, 3, X, Windows Surface Laptop 6, 5, 4, 3, 2, 1, Surface Go…
$26.99 (as of January 23, 2025 19:56 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
