Unrated severityNVD Advisory· Published Apr 15, 2020· Updated Sep 16, 2024

McAfee firewall rules not enforced correctly

CVE-2020-7278

Description

Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.

Affected products

McAfee/ENS Firewallllm-create
Range: <10.7.0 (April 2020) and <10.6.1 (April 2020)
McAfee/Endpoint Security (ENS) for Windowsllm-fuzzy
Range: <10.7.0 (April 2020) and <10.6.1 (April 2020)
McAfee LLC/McAfee Endpoint Security (ENS)v5
Range: 10.7.x

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kc.mcafee.com/corporate/indexmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000