vulnerability

McAfee Endpoint Security Platform: CVE-2021-23882: Endpoint security for windows update fixes five vulnerabilities (SB10345)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:M/Au:N/C:N/I:P/A:N)	2021-02-10	2022-08-16	2022-08-16

Severity

CVSS

(AV:L/AC:M/Au:N/C:N/I:P/A:N)

Published

2021-02-10

Added

2022-08-16

Modified

2022-08-16

Description

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.

Solution(s)

mcafee-endpoint-security-platform-upgrade-10-6-1-2286mcafee-endpoint-security-platform-upgrade-10-7-0-2421

References

CVE-2021-23882
https://attackerkb.com/topics/CVE-2021-23882
MCAFEE-SB10345

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today