CVE-2021-31843

high Trellix
CVSS v3 Base Score
7.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.0%
Exploitation probability in 30 days
Top 90% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Confidentiality
High
Integrity
High
Availability
High
Published: September 17, 2021 (1699 days ago)
Last Modified: February 24, 2026
Vendor: Trellix

Description

Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.

CWE

CWE-59

Affected Products

mcafee endpoint security

References

🔗 kc.mcafee.com 🔗 kc.mcafee.com