Mcafee Endpoint Security vulnerabilities

CVE-2020-7257 [HIGH] CWE-264 CVE-2020-7257: Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Feb Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent.

CVE-2020-7278 [HIGH] CWE-284 CVE-2020-7278: Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in Mc Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the Februa

CVE-2020-7276 [MEDIUM] CWE-287 CVE-2020-7276: Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool.

CVE-2020-7275 [MEDIUM] CWE-428 CVE-2020-7275: Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoi Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file.

CVE-2020-7261 [MEDIUM] CWE-119 CVE-2020-7261: Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Securit Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.

CVE-2020-7273 [MEDIUM] CWE-269 CVE-2020-7273: Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up prote Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters.

CVE-2020-7277 [MEDIUM] CWE-693 CVE-2020-7277: Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered.

CVE-2020-7255 [LOW] CWE-264 CVE-2020-7255: Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO

CVE-2020-7263 [MEDIUM] CWE-264 CVE-2020-7263: Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Wind Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of configuration for export and import.

CVE-2020-7251 [MEDIUM] CWE-358 CVE-2020-7251: Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.

CVE-2019-3653 [MEDIUM] CWE-284 CVE-2019-3653: Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.

CVE-2019-3652 [MEDIUM] CWE-94 CVE-2019-3652: Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 Octobe Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer.

CVE-2019-3586 [HIGH] CWE-693 CVE-2019-3586: Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctl

CVE-2019-3582 [HIGH] CVE-2019-3582: Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10. Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances.

CVE-2017-4028 [MEDIUM] CWE-74 CVE-2017-4028: Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consume Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.

CVE-2016-8010 [HIGH] CWE-284 CVE-2016-8010: Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.

CVE-2016-3984 [MEDIUM] CWE-284 CVE-2016-3984: The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, En