CVE-2019-3613

MEDIUM

Mcafee Agent < 5.0.6 - Uncontrolled Search Path

Title source: rule

Description

DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.

References (1)

[Vendor Advisory] https://kc.mcafee.com/corporate/index?page=content&id=SB10320

Scores

CVSS v3 5.9

EPSS 0.0004

EPSS Percentile 10.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N

Classification

CWE

CWE-427

Status published

Affected Products (1)

mcafee/agent < 5.0.6

Timeline

Published Jun 10, 2020

Tracked Since Feb 18, 2026