PT-2021-19540 · Mcafee · Mvision Edr
Published
2021-06-29
·
Updated
2026-02-24
·
CVE-2021-31838
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
MVISION EDR versions prior to 3.4.0
Description
A command injection issue allows an authenticated administrator to execute arbitrary commands through PowerShell using the 'execute reaction' functionality.
Recommendations
For versions prior to 3.4.0, update to version 3.4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the 'execute reaction' functionality until a patch is applied.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mvision Edr