McAfee Agent for Windows contained a serious vulnerability that allowed the code of the proletterto run with SYSTEM privileges. The company fixed the vulnerability (CVE-2022-0166), which existed in products such as McAfee Endpoint Security through a component of OpenSSL. The same is true for a second vulnerability CVE-2021-31854.
CERT Coordination Center at Carnegie Mellon University describes the vulnerability CVE-2022-0166, discovered by Will Dormann, in 20 January of 2022.
McAfee Agent is available in various McAfee products, such as McAfee Endpoint Security, and includes an OpenSSL component. This item defines an OPENSSLDIR variable as a subdirectory that can be registered and handled by an underprivileged user in Windows.
McAfee Agent on the other hand, also has a privileged service that uses this OpenSSL component. So if a user can place a specially created archive openssl.cnf in an appropriate path can run arbitrary code with SYSTEM privileges.
This vulnerability has been fixed in version 5.7.5 of McAfee Agent. McAfee posted a safety warning on the above, which states that it fixed a second vulnerability in CVE-2021-31854 (discovered by Russell Wells of Cyberlinx Security), in addition to CVE-2022-0166.
Vulnerability 2 allowed commands to be inserted into McAfee Agent (MA) before version 5.7.5, which made it easier for users to pass malicious shell code into the cleanup.exe file.
Tip: Basically McAfee Agent is of no use to you and you could remove it without any problem….