Unrated severityNVD Advisory· Published Feb 10, 2021· Updated Sep 16, 2024

Improper Access Control in the ENS installer

CVE-2021-23882

Description

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.

Affected products

McAfee/Endpoint Security (ENS) for Windowsllm-fuzzy
Range: <10.7.0 February 2021 Update
McAfee LLC/Endpoint Security (ENS) for Windowsv5
Range: 10.7.x

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kc.mcafee.com/corporate/indexmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000