← Zuruck zu CVEs
CVE-2021-31840
HIGH7.3
Beschreibung
A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. This would result in the user gaining elevated permissions and being able to execute arbitrary code.
CVE Details
CVSS v3.1 Bewertung7.3
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionREQUIRED
Veroffentlicht6/10/2021
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
mcafee:mcafee_agent
Schwachen (CWE)
CWE-427CWE-427
Referenzen
https://kc.mcafee.com/corporate/index?page=content&id=SB10362(trellixpsirt@trellix.com)
https://kc.mcafee.com/corporate/index?page=content&id=SB10362(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.