![]() One of the flaws in the Agent – tracked as CVE-2022-0166 and given a CVSS base criticality rating of 7.8 – was discovered by Will Dormann of the Carnegie Mellon University’s CERT Coordination Center (CERT/CC). OpenSSL Component Bug Can Lead to SYSTEM Privileges ![]() Periodically collecting and sending event information to the McAfee ePO server, the Agent – which also installs and updates endpoint products – is a required install on any network system that needs to be managed. ![]() The McAfee Agent is also the component that uploads events and provides additional data regarding each system’s status. The Agent is the piece of McAfee ePolicy Orchestrator (McAfee ePO) that downloads and enforces policies and executes client-side tasks such as deployment and updating. McAfee has patched two high-severity vulnerabilities in a component of its McAfee Enterprise product that attackers can use to escalate privileges, including up to SYSTEM.Īccording to McAfee’s bulletin, the bugs are in versions prior to 5.7.5 of McAfee Agent, which is used in McAfee Endpoint Security, among other McAfee products.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |