{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T03:16:19.717","vulnerabilities":[{"cve":{"id":"CVE-2021-31840","sourceIdentifier":"trellixpsirt@trellix.com","published":"2021-06-10T17:15:08.180","lastModified":"2024-11-21T06:06:20.053","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. This would result in the user gaining elevated permissions and being able to execute arbitrary code."},{"lang":"es","value":"Una vulnerabilidad en el mecanismo de precarga de determinadas bibliotecas de vínculos dinámicos en McAfee Agent para Windows anterior a versión 5.7.3 podría permitir a un atacante local autenticado llevar a cabo un ataque de precarga de DLL con DLL sin firmar. Para explotar esta vulnerabilidad, el atacante necesitaría tener credenciales válidas en el sistema Windows. Esto resultaría que el usuario consiguiera permisos elevados y poder ejecutar código arbitrario"}],"metrics":{"cvssMetricV31":[{"source":"trellixpsirt@trellix.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:P","baseScore":4.4,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"trellixpsirt@trellix.com","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:mcafee_agent:*:*:*:*:*:windows:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.7.3","matchCriteriaId":"3A8680F1-4C16-44EE-B130-BB3BBBF4E808"}]}]}],"references":[{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10362","source":"trellixpsirt@trellix.com"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10362","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}