Overview
McAfee Agent contains a privilege escalation vulnerability due to the use of an OPENSSLDIR
variable that specifies a location where an unprivileged Windows user may be able to place files.
Description
CVE-2022-0166
McAfee Agent, which comes with various McAfee products such as McAfee Endpoint Security, includes an OpenSSL component that specifies an OPENSSLDIR
variable as a subdirectory that my be controllable by an unprivileged user on Windows. McAfee Agent contains a privileged service that uses this OpenSSL component. A user who can place a specially-crafted openssl.cnf
file at an appropriate path may be able to achieve arbitrary code execution with SYSTEM privileges.
Impact
By placing a specially-crafted openssl.cnf
in a location used by McAfee Agent, an unprivileged user may be able to execute arbitrary code with SYSTEM privileges on a Windows system with the vulnerable McAfee Agent software installed.
Solution
Apply an update
This vulnerability is addressed in McAfee Agent version 5.7.5.
Acknowledgements
This vulnerability was reported by Will Dormann of the CERT/CC.
This document was written by Will Dormann.
Vendor Information
Other Information
CVE IDs: | CVE-2022-0166 |
Date Public: | 2022-01-20 |
Date First Published: | 2022-01-20 |
Date Last Updated: | 2022-01-20 21:47 UTC |
Document Revision: | 1 |