Vulnerabilities > CVE-2020-7278 - Missing Authorization vulnerability in Mcafee Endpoint Security

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
mcafee
CWE-862
nessus

Summary

Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.

Common Weakness Enumeration (CWE)

Nessus

NASL familyWindows
NASL idMCAFEE_ENS_SB10309.NASL
descriptionThe version of the McAfee Endpoint Security (ENS) for Windows installed on the remote Windows host is 10.5.x prior to 10.5.5 Security Hotfix 129256, 10.6.x prior to 10.6.1 April 2020 Update, or 10.7.x prior to 10.7.0 April 2020 Update. It is, therefore, affected by multiple vulnerabilities: - A Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user would not normally have permission to alter via carefully creating symbolic links from the ENS log file directory. (CVE-2020-7250) - A privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges due to a configuration error.Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via a configuration error. (CVE-2020-7255) - A privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent. (CVE-2020-7257) It is also affected by additional vulnerabilities; see the vendor advisory for more information
last seen2020-05-16
modified2020-04-24
plugin id135972
published2020-04-24
reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/135972
titleMcAfee Endpoint Security for Windows 10.5.x < 10.5.5 Security Hotfix 129256 / 10.6.x < 10.6.1 April 2020 Update / 10.7.x < 10.7.0 April 2020 Update Multiple Vulnerabilities (SB10309)