The bulletin identified CVE-2021-31854 and CVE-2022-0166, two high severity attack vectors that can leave any asset with McAfee ePO Agents deployed vulnerable to attack. Per the McAfee’s…
In brief: McAfee Agent, a component of the company’s ePolicy Orchestrator (ePO), is deployed to client machines to report data, status, and enforce policies. Earlier this week, the company released a security bulletin highlighting two CVEs affecting previous versions of the ePO Agent deployed to support ePO efforts. The company released an updated version of the Agent that effectively remediates the vulnerabilities, both of which received high severity ratings. The bulletin identified CVE-2021-31854 and CVE-2022-0166, two high severity attack vectors that can leave any asset with McAfee ePO Agents deployed vulnerable to attack. Per the McAfee’s guidance, any implementations with Agents earlier than version 5.
