McAfee has patched two high-severity bugs in its Agent component, one of which can allow attackers to achieve arbitrary code execution with SYSTEM privileges.
McAfee has patched two high-severity vulnerabilities in a component of its McAfee Enterprise product that attackers can use to escalate privileges, including up to SYSTEM.
The Agent is the piece of McAfee ePolicy Orchestrator (McAfee ePO) that downloads and enforces policies and executes client-side tasks such as deployment and updating.
The McAfee Agent is also the component that uploads events and provides additional data regarding each system’s status. Periodically collecting and sending event information to the McAfee ePO server, the Agent – which also installs and updates endpoint products – is a required install on any network system that needs to be managed.
OpenSSL Component Bug Can Lead to SYSTEM Privileges
One of the flaws in the Agent – tracked as CVE-2022-0166 and given a CVSS base criticality rating of 7.8 – was discovered by Will Dormann of the Carnegie Mellon University’s CERT Coordination Center (CERT/CC).