Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
June 10, 2021Rewterz Threat Alert – Lokibot Malware – Active IOCs
June 10, 2021Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
June 10, 2021Rewterz Threat Alert – Lokibot Malware – Active IOCs
June 10, 2021Severity
Medium
Analysis Summary
CVE-2021-31839
Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the event logs prior to them being sent to the ePO server.
CVE-2021-31840
A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. This would result in the user gaining elevated permissions and being able to execute arbitrary code.
Impact
- Improper Privilege Management
- Uncontrolled Search Path Element
Affected Vendors
McAfee
Affected Products
- McAfee Agent for Windows
Remediation
Install or update to MA for Windows 5.7.3
http://www.mcafee.com/us/downloads/downloads.aspx