CVE-2021-31854: Code injection vulnerability in McAfee Agent
First published: Wed Jan 19 2022(Updated: )
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree. An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privilege escalation to obtain root privileges.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mcafee Agent | <5.7.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this command injection vulnerability in McAfee Agent?
The vulnerability ID is CVE-2021-31854.
What is the affected software?
The affected software is McAfee Agent for Windows prior to version 5.7.5.
How does this vulnerability impact users?
This vulnerability allows local users to inject arbitrary shell code into the file cleanup.exe, leading to potential unauthorized execution of commands.
What is the severity of CVE-2021-31854?
The severity of CVE-2021-31854 is critical, with a severity value of 7.8.
How can I fix this vulnerability in McAfee Agent?
To fix this vulnerability, update McAfee Agent to version 5.7.5 or later.
- collector/nvd-index
- agent/type
- agent/weakness
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/last-modified-date
- agent/title
- agent/tags
- agent/event
- agent/first-publish-date
- agent/description
- vendor/mcafee
- canonical/mcafee agent