CVE-2021-31839

Name of the Vulnerable Software and Affected Versions McAfee Agent for Windows versions prior to 5.7.3

Description The issue is related to improper privilege management, allowing a local user to modify event information in the MA event folder. This enables the user to add false events or remove events from the event logs before they are sent to the ePO server.

Recommendations For versions prior to 5.7.3, update to version 5.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the MA event folder to prevent unauthorized modifications until a patch is applied.