Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

McAfee Endpoint Security (ENS) — Vulnerabilities & Security Advisories 17

All 17 CVE vulnerabilities found in McAfee Endpoint Security (ENS), with AI-generated Chinese analysis, references, and POCs.

This page aggregates vulnerability data for the McAfee Endpoint Security product, categorized under endpoint security weaknesses. It compiles a comprehensive collection of security flaws, including remote code execution, privilege escalation, and denial of service issues, affecting various versions of the software. The data covers incidents reported from January 2018 through December 2023, providing a robust historical context for analyzing the product's security posture over time. Users can utilize this resource to track specific vendor advisories issued by McAfee as they address identified threats and implement necessary patches. Furthermore, this aggregation allows security professionals to understand broader trends within specific weakness classes, such as buffer overflows or input validation errors, as they manifest in enterprise endpoint solutions. Readers can also look up the complete vulnerability history of McAfee Endpoint Security to assess the impact of past flaws on their deployment environments. This information supports risk assessment and patch management strategies by offering a centralized view of known issues and their resolution status. By examining the timeline and severity of past incidents, organizations can better prioritize updates and mitigate potential exposure to similar exploit techniques. The goal is to provide clear, factual insights that aid in maintaining a secure infrastructure without speculative commentary or promotional language. This structured approach ensures that technical teams have access to the necessary details to make informed decisions regarding software maintenance and security hardening.

Vendor: McAfee, LLC

CVE IDTitleCVSSSeverityPublished
CVE-2020-7331 Unquoted service executable path in McAfee Endpoint Security (ENS) CWE-428 7.8 High2020-11-12
CVE-2020-7255 Privilege Escalation vulnerability  in ENS CWE-264 3.9 Low2020-04-15
CVE-2020-7250 ENS symbolic link log file manipulation vulnerability CWE-59 8.2 High2020-04-15
CVE-2020-7257 Privilege Escalation vulnerability through Symbolic links in ENS CWE-264 8.4 High2020-04-15
CVE-2020-7259 Unsigned executable vulnerability in ENS can be used to bypass intended self-protection rules CWE-264 6.6 Medium2020-04-15
CVE-2020-7261 Buffer overwrite in ENS allowed to bypass AMSI protection CWE-119 6.1 Medium2020-04-15
CVE-2020-7273 Autorun registry bypass CWE-269 6.7 Medium2020-04-15
CVE-2020-7275 Unquoted service paths for some McAfee ENS files CWE-428 4.8 Medium2020-04-15
CVE-2020-7274 ENS elevated permissions vulnerability CWE-269 6.6 Medium2020-04-15
CVE-2020-7277 McAfee processes not protected CWE-693 6.8 Medium2020-04-15
CVE-2020-7276 Unrestricted Policy Management using MfeUpgradeTool.exe CWE-287 6.4 Medium2020-04-15
CVE-2020-7278 McAfee firewall rules not enforced correctly CWE-284 7.4 High2020-04-15
CVE-2020-7251 ESConfig Tool able to edit configuration for newer version CWE-358 5.0 Medium2020-02-14
CVE-2019-3653 ESConfig Tool access not controlled CWE-284 4.6 Medium2019-10-09
CVE-2019-3652 ENS code injection in EPSetup.exe CWE-94 5.0 Medium2019-10-09
CVE-2019-3586 McAfee Endpoint Security firewall not always acting on GTI lookup results CWE-693 4.7 -2019-05-15
CVE-2019-3582 McAfee Endpoint Security updates fix a privilege escalation vulnerability 7.8 -2019-02-28

All 17 known CVE vulnerabilities affecting McAfee Endpoint Security (ENS) with full Chinese analysis, references, and POCs where available.