First published: Fri Feb 14 2020(Updated: )
Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.
Credit: psirt@mcafee.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mcafee Endpoint Security | <10.6.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-7251 is an improper access control vulnerability in the Configuration Tool in McAfee Endpoint Security (ENS) prior to version 10.6.1 February 2020 Update.
CVE-2020-7251 allows local users to disable security features by unauthorized use of the Configuration Tool from older versions of ENS.
CVE-2020-7251 has a severity rating of medium with a score of 5.5.
To fix CVE-2020-7251, update McAfee Endpoint Security to version 10.6.1 February 2020 Update or later.
For more information about CVE-2020-7251, you can visit the official McAfee knowledge base at the following link: https://kc.mcafee.com/corporate/index?page=content&id=SB10299