CVE-2022-1256

Summary

A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges through manipulation of symbolic links.

Affected Software

VendorProductVersion RangeStatus
McAfee,LLCMcAfee Agent for Windowsunspecified < 5.7.6affected

Weaknesses

  • CWE-269: CWE-269: Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

References