Mcafee Llc Endpoint Security For Windows vulnerabilities

CVE-2020-7320 [MEDIUM] CWE-693 CVE-2020-7320: Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10 Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services.

CVE-2020-7319 [HIGH] CWE-59 CVE-2020-7319: Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.

CVE-2020-7322 [MEDIUM] CWE-532 CVE-2020-7322: Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 S Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.

CVE-2020-7323 [MEDIUM] CWE-287 CVE-2020-7323: Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior t Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing depende