Validate the Efficacy of your Endpoint Security Controls Continuously with Breach and Attack Simulations

Validate the efficacy of your Endpoint Security controls continuously with Breach and Attack Simulations By Nicolas Stricher, Trellix XDR solution Architect, EMEA and Doron RosenbergTrellix Senior Sales Engineer, Israel · March 4, 2022 Efficacy of Trellix Endpoint Security At Trellix we are proud...

CVE-2020-7308

Cleartext Transmission of Sensitive Information between McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence GTI servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining...

Design/Logic Flaw

Cleartext Transmission of Sensitive Information between McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence GTI servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining...

CVE-2020-7308 Transmission of data in clear text by McAfee ENS

Cleartext Transmission of Sensitive Information between McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence GTI servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining...

CVE-2021-23882 Improper Access Control in the ENS installer

Improper Access Control vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean...

CVE-2021-23878 Clear text storage of sensitive Information in ENS

Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To...

CVE-2020-7319 Improper Access Control Vulnerability in ENS for Windows

Improper Access Control vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file...

Privilege escalation

Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security ENS Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file...

Design/Logic Flaw

Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security ENS for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters...

CVE-2020-7261 Buffer overwrite in ENS allowed to bypass AMSI protection

Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security ENS Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input...

CVE-2020-7261

CVE-2020-7261 affects McAfee Endpoint Security (ENS) in the AMSI component. A buffer overflow via environment variables in ENS prior to 10.7.0 (February 2020 Update) can allow a local attacker to disable Endpoint Security by supplying crafted input. The vulnerability is limited to local access (a...

CVE-2020-7275 Unquoted service paths for some McAfee ENS files

Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security ENS for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file...

CVE-2020-7251 ESConfig Tool able to edit configuration for newer version

Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security ENS Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS...

Session fixation

Protection Mechanism Failure in the Firewall in McAfee Endpoint Security ENS 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI...