Bleeping Computer’s article from January 21, 2022, states the following:

McAfee Enterprise (now rebranded as Trellix) has patched a security vulnerability discovered in the company’s McAfee Agent software for Windows enabling attackers to escalate privileges and execute arbitrary code with SYSTEM privileges.

McAfee Agent is a client-side component of McAfee ePolicy Orchestrator (McAfee ePO) that downloads and enforces endpoint policies and deploys antivirus signatures, upgrades, patches, and new products on enterprise endpoints.

The company has fixed the high severity local privilege escalation (LPE) flaw tracked as CVE-2022-0166 and discovered by CERT/CC vulnerability analyst Will Dormann issued security updates with the release of McAfee Agent 5.7.5 on January 18.

All McAfee Agent versions before 5.7.5 are vulnerable and allow unprivileged attackers to run code using NT AUTHORITY\SYSTEM account privileges, the highest level of privileges on a Windows system, used by the OS and OS services.

If you are running McAfee Agent, make sure to update and patch to the latest version.

author avatar
US Service Center Your Business technology Partner
Established in 2002, we are celebrating our 20th Anniversary. US Service Center specializes in wide range of services, including tailored, fully managed IT services and solutions for small and medium businesses and their owners. We are committed to providing each and every one of our clients with high quality service and support. Our unique IT team is incredibly friendly and can help you every step of the way in growing your business.
See Full Bio
social network icon social network icon social network icon social network icon social network icon