CVE-2021-31836
MEDIUMMcAfee Agent for Windows < 5.7.4 - Improper Privilege Management via maconfig Utility
Title source: llmDescription
Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user.
References (1)
Core 1
Core References
Broken Link x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10369
Scores
CVSS v3
5.6
EPSS
0.0011
EPSS Percentile
29.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
Details
CWE
CWE-269
Status
published
Products (1)
mcafee/mcafee_agent
< 5.7.4
Published
Sep 22, 2021
Tracked Since
Feb 18, 2026