Vulnerabilities > CVE-2021-23883 - NULL Pointer Dereference vulnerability in Mcafee Endpoint Security

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

mcafee

CWE-476

NVD

Published: 2021-02-10

Updated: 2023-11-16

Summary

A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update.

Vulnerable Configurations

Part	Description	Count
Application	Mcafee Mcafee Endpoint Security 10.5.0 Mcafee Endpoint Security 10.5.1 Mcafee Endpoint Security 10.5.2 Mcafee Endpoint Security 10.5.3 Mcafee Endpoint Security 10.5.4 Mcafee Endpoint Security 10.5.5 Mcafee Endpoint Security 10.6.0 Mcafee Endpoint Security 10.6.1	26

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10345