DLL search order hijacking in MA
CVE-2019-3613

5.9MEDIUM

Key Information:

Vendor: Mcafee, Llc
Status: Mcafee Agent (ma)
Vendor: CVE Published:; 10 June 2020

🔔 Create Mcafee, Llc Vulnerability Alert

What is CVE-2019-3613?

DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.

Affected Version(s)

McAfee Agent (MA) 5.6.x < 5.6.4

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2020
Vulnerability Reserved
Jan 3, 2019