Vigil@nce - McAfee Application and Change Control: executing DLL code
May 2020 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/?langue=2
SYNTHESIS OF THE VULNERABILITY
An attacker can create a malicious DLL, and then put it in the
current directory of McAfee Application and Change Control, in
order to execute code.
Impacted products: MAC.
Severity: 2/4.
Consequences: user access/rights.
Provenance: intranet server.
Confidence: confirmed by the editor (5/5).
Creation date: 25/03/2020.
DESCRIPTION OF THE VULNERABILITY
The McAfee Application and Change Control product uses external
shared libraries (DLL).
However, if the working directory contains a malicious DLL, it is
automatically loaded.
An attacker can therefore create a malicious DLL, and then put it
in the current directory of McAfee Application and Change Control,
in order to execute code.
ACCESS TO THE FULL VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/McAfee-Application-and-Change-Control-executing-DLL-code-31877