First published: Wed Feb 10 2021(Updated: )
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.
Credit: psirt@mcafee.com trellixpsirt@trellix.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mcafee Endpoint Security | <10.7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this McAfee Endpoint Security vulnerability is CVE-2021-23882.
The severity level of CVE-2021-23882 is high with a severity value of 4.4.
CVE-2021-23882 is an Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to version 10.7.0.
This vulnerability affects McAfee Endpoint Security for Windows versions prior to 10.7.0.
Local administrators can prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed.