CVE-2021-23883

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
4.4MEDIUM
EPSS
0.1%
top 80.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mcafee LLC Endpoint Security (ens) FOR WindowsMcafee Endpoint Security
Timeline
PublishedFeb 10
Latest updateMay 24

Description

A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:HExploitability: 0.3 | Impact: 3.6

Affected Packages2 packages

CVEListV5mcafee_llc/endpoint_security_(ens)_for_windows10.7.x10.7.0 February 2021

🔴Vulnerability Details

2
GHSA
GHSA-fcrq-5g5m-qh6j: A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 102022-05-24
CVEList
Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS)2021-02-10
CVE-2021-23883 (MEDIUM CVSS 4.4) | A Null Pointer Dereference vulnerab | cvebase.io