McAfee has recently patched two different high-severity bugs in its Agent component that could be used by attackers to escalate privileges, including up to SYSTEM. The bugs could also allow attackers to achieve arbitrary code execution and perform other malicious actions. The bug lies in the McAfee Enterprise product for Windows devices. The vulnerabilities exist in versions prior to 5.7.5 McAfee Agent, which is used in several different McAfee products. The Agent is a piece of software that downloads and enforces policies as well as executes client-side tasks such as updating. The Agent also uploads events and provides additional data regarding each system’s status.

One of the flaws in the Agent, tracked as CVE-2022-0166, has been given a CVSS score of 7.8. On Thursday, Carnegie Mellon University’s CERT Coordination Center published an advisory detailing the vulnerability, which was discovered by Will Dormann in the OpenSSL component in Agent. CERT/CC stated that the vulnerability may be controllable by an unprivileged user on Windows. Dormann explained that a user could exploit the bug to execute arbitrary code with SYSTEM privileges on a Windows system that has the vulnerable software installed. Users should apply any updates and be cautious of the threat.

Read More: McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges