CVE-2021-31833
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-31833
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match name of any configured updater and perform a specific set of steps, resulting in the renamed binary to be to run.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
特权管理不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mcafee McAfee Application and Change Control 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mcafee McAfee Application and Change Control(MACC)是美国迈克菲(Mcafee)公司的一套安全威胁监测系统。 McAfee Application and Change Control 存在安全漏洞,该漏洞源于攻击者可利用该漏洞可以通过重命名文件来利用 McAfee Application and Change Control 的漏洞来运行代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| McAfee,LLC | McAfee Application and Change Control (MACC) | unspecified ~ 8.3.4 | - |
II. Public POCs for CVE-2021-31833
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-31833
请登录查看更多情报信息。
- https://kc.mcafee.com/corporate/index?page=content&id=SB10370x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2021-31833
IV. Related Vulnerabilities
Same vendor: McAfee,LLC
Same weakness: CWE-269
- CVE-2026-42562
Plainpad: Privilege Escalation via Writable Admin Field in P - CVE-2026-41163
bubblewrap vulnerable to privilege escalation in setuid mode - CVE-2026-44987
SysReptor: Privilege Escalation from User Admin to Superuser - CVE-2026-42185
People: Privilege Escalation via Missing Role Ceiling in Mai - CVE-2026-40001
Local privilege escalation vulnerability in ZTE PROCESS Guar
V. Comments for CVE-2021-31833
No comments yet