Improper access control vulnerability in the repair process for McAfee Agent for Windows before 5.7.4 could allow a local malicious user to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee agent |