Mcafee Vulnerabilities
Comprehensive security vulnerability database for Mcafee products
4
1
2
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2021-31854 | 7.8 | This vulnerability allows an attacker to run their own commands on a Windows system by tricking McAfee Agent into executing a malicious file. To exploit it, the attacker needs local access to the machine and must place a specially crafted file in the right folder, which can then lead to gaining higher privileges on the system. | mcafeeagent | Exploit Available | about 4 years agoJan 19, 2022 |
| CVE-2021-31843 | 7.8 | This vulnerability allows a local user to access sensitive files in McAfee Endpoint Security that they shouldn't normally be able to reach by tricking the software into redirecting its file operations. To exploit this, the attacker needs to manipulate junction links on the system, which requires some level of access to the local machine. | mcafeeendpoint security | Theoretical | over 4 years agoSep 17, 2021 |
| CVE-2021-31838 | 9.1 | This vulnerability allows an authenticated administrator of MVISION EDR to execute any command on the system using PowerShell, which could lead to unauthorized access or control over the system. The attacker must already have administrator access to exploit this flaw, making it critical for organizations to secure their admin accounts. | mcafeemvision edr | Theoretical | almost 5 years agoJun 29, 2021 |
| CVE-2021-23892 | 7.0 | This vulnerability allows a local user to gain administrator privileges on a system running McAfee's Endpoint Security for Linux, enabling them to execute any code they want. It occurs during the installation process due to a timing issue that lets the attacker exploit temporary files that are not securely managed. | mcafeeendpoint security for linux threat prevention | Exploit Available | almost 5 years agoMay 12, 2021 |
About Mcafee Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Mcafee products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.