vulnerability

McAfee Endpoint Security Platform: CVE-2020-7263: Endpoint security update fixes a configuration editing vulnerability (SB10314)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Apr 1, 2020	Aug 11, 2020	Dec 21, 2020

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Apr 1, 2020

Added

Aug 11, 2020

Modified

Dec 21, 2020

Description

Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of configuration for export and import.

Solutions

mcafee-endpoint-security-platform-upgrade-10-6-1-2014mcafee-endpoint-security-platform-upgrade-10-7-0-1961

References

CVE-2020-7263
https://attackerkb.com/topics/CVE-2020-7263
MCAFEE-SB10314

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today