Endpoint Security
by McAfee
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-7273 | 0.00 | — | 0.00 | Apr 15, 2020 | Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some… | |||
| CVE-2020-7274 | 0.00 | — | 0.00 | Apr 15, 2020 | Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by… | |||
| CVE-2020-7277 | 0.00 | — | 0.00 | Apr 15, 2020 | Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered. | |||
| CVE-2020-7263 | 0.00 | — | 0.00 | Apr 1, 2020 | Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of… | |||
| CVE-2020-7251 | 0.00 | — | 0.00 | Feb 14, 2020 | Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS. | |||
| CVE-2019-3653 | 0.00 | — | 0.00 | Oct 9, 2019 | Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool. | |||
| CVE-2019-3652 | 0.00 | — | 0.00 | Oct 9, 2019 | Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer. | |||
| CVE-2019-3586 | 0.00 | — | 0.01 | May 15, 2019 | Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious… | |||
| CVE-2019-3582 | 0.00 | — | 0.00 | Feb 28, 2019 | Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances. |
- CVE-2020-7273Apr 15, 2020risk 0.00cvss —epss 0.00
Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some…
- CVE-2020-7274Apr 15, 2020risk 0.00cvss —epss 0.00
Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by…
- CVE-2020-7277Apr 15, 2020risk 0.00cvss —epss 0.00
Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered.
- CVE-2020-7263Apr 1, 2020risk 0.00cvss —epss 0.00
Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of…
- CVE-2020-7251Feb 14, 2020risk 0.00cvss —epss 0.00
Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.
- CVE-2019-3653Oct 9, 2019risk 0.00cvss —epss 0.00
Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.
- CVE-2019-3652Oct 9, 2019risk 0.00cvss —epss 0.00
Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer.
- CVE-2019-3586May 15, 2019risk 0.00cvss —epss 0.01
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious…
- CVE-2019-3582Feb 28, 2019risk 0.00cvss —epss 0.00
Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances.
Page 2 of 2