Mcafee Endpoint Security vulnerabilities

CVE-2021-31843 [HIGH] CWE-59 CVE-2021-31843: Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7 Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.

CVE-2021-31842 [MEDIUM] CWE-776 CVE-2021-31842: XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.

CVE-2020-7308 [MEDIUM] CWE-319 CVE-2020-7308: Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows p Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the ne

CVE-2021-23881 [MEDIUM] CWE-79 CVE-2021-23881: A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator user triggers the policy.

CVE-2021-23882 [HIGH] CWE-269 CVE-2021-23882: Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent

CVE-2021-23878 [HIGH] CWE-312 CVE-2021-23878: Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To exploit this, the local user has to access the releva

CVE-2021-23880 [MEDIUM] CWE-269 CVE-2021-23880: Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 F Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.

CVE-2021-23883 [MEDIUM] CWE-476 CVE-2021-23883: A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7 A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update.

CVE-2020-7331 [HIGH] CWE-428 CVE-2020-7331: Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Upd Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.

CVE-2020-7332 [HIGH] CWE-352 CVE-2020-7332: Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security ( Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.

CVE-2020-7333 [MEDIUM] CWE-79 CVE-2020-7333: Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) p Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.

CVE-2020-7320 [MEDIUM] CWE-693 CVE-2020-7320: Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10 Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services.

CVE-2020-7319 [HIGH] CWE-59 CVE-2020-7319: Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.

CVE-2020-7322 [MEDIUM] CWE-532 CVE-2020-7322: Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 S Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.

CVE-2020-7323 [MEDIUM] CWE-287 CVE-2020-7323: Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior t Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing depende

CVE-2020-7265 [HIGH] CWE-274 CVE-2020-7265: Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.

CVE-2020-7264 [HIGH] CWE-274 CVE-2020-7264: Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hot Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the targe

CVE-2020-7274 [MEDIUM] CWE-269 CVE-2020-7274: Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).

CVE-2020-7250 [HIGH] CWE-59 CVE-2020-7250: Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7 Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file dir

CVE-2020-7259 [MEDIUM] CWE-264 CVE-2020-7259: Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10. Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file