The version of the McAfee Endpoint Security (ENS) for Windows installed on the remote Windows host is 10.5.x prior to 10.5.5 Security Hotfix 129256, 10.6.x prior to 10.6.1 April 2020 Update, or 10.7.x prior to 10.7.0 April 2020 Update. It is, therefore, affected by multiple vulnerabilities:
A Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user would not normally have permission to alter via carefully creating symbolic links from the ENS log file directory. (CVE-2020-7250)
A privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges due to a configuration error.Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via a configuration error. (CVE-2020-7255)
A privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent. (CVE-2020-7257)
It is also affected by additional vulnerabilities; see the vendor advisory for more information
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(135972);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/13");
script_cve_id(
"CVE-2020-7250",
"CVE-2020-7255",
"CVE-2020-7257",
"CVE-2020-7259",
"CVE-2020-7261",
"CVE-2020-7273",
"CVE-2020-7274",
"CVE-2020-7275",
"CVE-2020-7276",
"CVE-2020-7277",
"CVE-2020-7278"
);
script_xref(name:"MCAFEE-SB", value:"SB10309");
script_xref(name:"IAVA", value:"2020-A-0171-S");
script_name(english:"McAfee Endpoint Security for Windows 10.5.x < 10.5.5 Security Hotfix 129256 / 10.6.x < 10.6.1 April 2020 Update / 10.7.x < 10.7.0 April 2020 Update Multiple Vulnerabilities (SB10309)");
script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of the McAfee Endpoint Security (ENS) for Windows installed on the remote Windows host is 10.5.x prior to
10.5.5 Security Hotfix 129256, 10.6.x prior to 10.6.1 April 2020 Update, or 10.7.x prior to 10.7.0 April 2020
Update. It is, therefore, affected by multiple vulnerabilities:
- A Symbolic link manipulation vulnerability in McAfee Endpoint
Security (ENS) for Windows prior to 10.7.0 February 2020 Update
allows authenticated local user to potentially gain an
escalation of privileges by pointing the link to files which
the user would not normally have permission to alter via
carefully creating symbolic links from the ENS log file
directory. (CVE-2020-7250)
- A privilege escalation vulnerability in the administrative user
interface in McAfee Endpoint Security (ENS) for Windows prior to
10.7.0 February 2020 Update allows local users to gain elevated
privileges due to a configuration error.Privilege escalation
vulnerability in the administrative user interface in McAfee
Endpoint Security (ENS) for Windows prior to 10.7.0 February
2020 Update allows local users to gain elevated privileges
via a configuration error. (CVE-2020-7255)
- A privilege escalation vulnerability in McAfee Endpoint Security
(ENS) for Windows prior to 10.7.0 February 2020 Update allows
local users to cause the deletion and creation of files they
would not normally have permission to through altering the
target of symbolic links whilst an anti-virus scan was in
progress. This is timing dependent. (CVE-2020-7257)
It is also affected by additional vulnerabilities; see the vendor advisory for more information");
script_set_attribute(attribute:"see_also", value:"https://kc.mcafee.com/corporate/index?page=content&id=SB10309");
script_set_attribute(attribute:"solution", value:
"Upgrade to McAfee ENS 10.5.5 Security Hotfix 129256, 10.6.1 April 2020 Update, 10.7.0 April 2020 Update or later.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7277");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-7274");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_cwe_id(59, 119, 264, 269, 284, 287, 428, 693);
script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/14");
script_set_attribute(attribute:"patch_publication_date", value:"2020/04/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mcafee:endpoint_security");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mcafee_endpoint_security_installed.nbin");
script_require_keys("installed_sw/McAfee Endpoint Security Platform", "SMB/Registry/Enumerated");
exit(0);
}
include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');
app_info = vcf::get_app_info(app:'McAfee Endpoint Security Platform', win_local:TRUE);
# release notes with version info can be found here https://kc.mcafee.com/corporate/index?page=content&id=KB82450
# however we need to drop the last octect
constraints = [
{ 'min_version':'10.5.0', 'fixed_version':'10.5.5.5182', 'fixed_display':'10.5.5.5182 (10.5.5 Security Hotfix 129256)' },
{ 'min_version':'10.6.0', 'fixed_version':'10.6.1.1936', 'fixed_display':'10.6.1.1936 (10.6.1 April 2020 Update)' },
{ 'min_version':'10.7.0', 'fixed_version':'10.7.0.1675', 'fixed_display':'10.7.0.1675 (10.7.0 April 2020 Update)' }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
Vendor | Product | Version | CPE |
---|---|---|---|
mcafee | endpoint_security | cpe:/a:mcafee:endpoint_security |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7250
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7255
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7257
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7259
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7261
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7273
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7274
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7275
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7276
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7277
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7278
kc.mcafee.com/corporate/index?page=content&id=SB10309