Endpoint Security@* Security Vulnerabilities and Issues — Endpoint Security@* CVE List

Lucene search

McafeeEndpoint Security*

10 matches found

CVE•added 2020/11/12 10:15 a.m.•75 views

CVE-2020-7331

Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.

7.8CVSS7.5AI score0.00048EPSS

CVE•added 2020/02/14 3:15 p.m.•50 views

CVE-2020-7251

Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.

5.5CVSS5.2AI score0.00112EPSS

CVE•added 2020/05/08 12:15 p.m.•45 views

CVE-2020-7264

Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved th...

8.8CVSS8.2AI score0.00035EPSS

CVE•added 2020/05/08 12:15 p.m.•45 views

CVE-2020-7265

Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a ma...

8.8CVSS8.1AI score0.00035EPSS

CVE•added 2020/09/09 10:15 a.m.•39 views

CVE-2020-7323

Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running ...

6.9CVSS6.4AI score0.00053EPSS

CVE•added 2020/11/12 10:15 a.m.•38 views

CVE-2020-7333

Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.

4.8CVSS5.3AI score0.00351EPSS

CVE•added 2020/09/09 10:15 a.m.•37 views

CVE-2020-7319

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.

8.8CVSS8.4AI score0.00054EPSS

CVE•added 2020/11/12 10:15 a.m.•35 views

CVE-2020-7332

Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.

8.8CVSS8.2AI score0.00162EPSS

CVE•added 2020/09/09 10:15 a.m.•32 views

CVE-2020-7322

Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.

4.7CVSS4.5AI score0.00059EPSS

CVE•added 2020/09/09 10:15 a.m.•26 views

CVE-2020-7320

Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services.

7.3CVSS6.5AI score0.00058EPSS