CVE-2022-1256

Name of the Vulnerable Software and Affected Versions McAfee Agent versions prior to 5.7.6

Description The issue is related to a local privilege escalation vulnerability that allows a low-privileged user to gain system privileges. This is achieved by exploiting the repair functionality, which performs temporary file actions in the user's %TEMP% directory with System privileges through the manipulation of symbolic links.

Recommendations For versions prior to 5.7.6, update to version 5.7.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the repair functionality until a patch is available.