Null pointer dereference

A Null Pointer Dereference vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to th...

Information disclosure

Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To...

PT-2021-15583 · Mcafee · Mcafee Endpoint Security

Name of the Vulnerable Software and Affected Versions: McAfee Endpoint Security ENS versions prior to 10.7.0 February 2021 Update Description: A stored cross-site scripting issue allows an ENS ePO administrator to add a script to a policy event. This script will be executed through a browser bloc...

PT-2021-15582 · Mcafee · Mcafee Endpoint Security (Ens) For Windows

Name of the Vulnerable Software and Affected Versions: McAfee Endpoint Security ENS for Windows versions prior to 10.7.0 February 2021 Update Description: The issue concerns improper access control in an attribute, allowing an authenticated local administrator user to uninstall the anti-malware...