A vulnerability was found in McAfee Endpoint Security up to 10.6.1/10.7.0 on Windows. It has been classified as critical. Affected is some unknown processing of the component Access Control. The manipulation with an unknown input leads to a access control vulnerability. CWE is classifying the issue as CWE-284. The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:

Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.

The weakness was disclosed 04/15/2020 (Website). The advisory is shared for download at kc.mcafee.com. This vulnerability is traded as CVE-2020-7278 since 01/21/2020. The attack needs to be approached locally. Required for exploitation is a authentication. There are neither technical details nor an exploit publicly available. The MITRE ATT&CK project declares the attack technique as T1068.

Applying the patch 10.6.1 April 2020 Update/10.7.0 April 2020 Update is able to eliminate this problem.

The entries VDB-153842, VDB-153843, VDB-153844 and VDB-153845 are pretty similar. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Vendor

• McAfee

Name

• Endpoint Security

Version

• 10.0
• 10.1
• 10.2
• 10.3
• 10.4
• 10.5
• 10.6
• 10.6.0
• 10.6.1
• 10.7.0

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion