CVE-2022-1257— Improper Verification of Cryptographic Signature by McAfee Agent
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-1257
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Verification of Cryptographic Signature by McAfee Agent
Source: NVD (National Vulnerability Database)
Vulnerability Description
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
敏感信息的不安全存储
Source: NVD (National Vulnerability Database)
Vulnerability Title
McAfee Agent 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mcafee McAfee Agent(MA)是美国迈克菲(Mcafee)公司的一套提供了ePolicy Orchestrator(杀毒软件管理平台)与被管理产品之间的安全通信的客户端组件。 McAfee Agent for Linux、macOS 和 Windows 5.7.6 之前存在安全漏洞,该漏洞允许本地用户通过存储在 ma.db 中访问敏感信息。敏感信息已移至加密的数据库文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| McAfee,LLC | McAfee Agent | unspecified ~ 5.7.6 | - |
II. Public POCs for CVE-2022-1257
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | A script is a PoC for **CVE-2022-1257**, a vulnerability in the McAfee Agent (Trellix Agent) when working with it's database. The vulnerability allows attackers to retrieve and decrypt credentials from the McAfee Agent database file (`ma.db`) due to improper encryption key handling. | https://github.com/kayes817/CVE-2022-1257 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-1257
请登录查看更多情报信息。
- https://kc.mcafee.com/corporate/index?page=content&id=SB10382x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2022-1257
Same Patch Batch · McAfee,LLC · 2022-04-14 · 3 CVEs total
| CVE-2022-1258 | 8.4 HIGH | SQL injection vulnerability in McAfee Agent's ePO extension |
| CVE-2022-1256 | 7.8 HIGH | Improper Privilege Management in McAfee Agent for Windows |
IV. Related Vulnerabilities
Same vendor: McAfee,LLC
Same weakness: CWE-922
- CVE-2026-40868
kyverno apicall servicecall implicit bearer token injection - CVE-2026-26152
Microsoft Cryptographic Services Elevation of Privilege Vuln - CVE-2026-5666
code-projects Online FIR System SQL Database Backup File com - CVE-2026-5650
code-projects Online Application System for Admission oas.sq - CVE-2025-10734
ReviewX – WooCommerce Product Reviews with Multi-Criteria, R
V. Comments for CVE-2022-1257
No comments yet