CVE-2019-3613

CVSS v3.1

7.3

High

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions McAfee Agent versions prior to 5.6.4

Description The issue allows attackers with local access to execute arbitrary code via execution from a compromised folder. This is due to a DLL Search Order Hijacking vulnerability.

Recommendations For versions prior to 5.6.4, update to version 5.6.4 or later to resolve the issue. As a temporary workaround, consider restricting access to compromised folders to minimize the risk of exploitation.

Fix

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

CVE-2019-3613

Affected Products

Mcafee Agent

CVE-2019-3613

Weakness Enumeration

Related Identifiers

Affected Products

References · 5