Mcafee Endpoint Security (Ens) For Windows
Approved changes feed: RSS · Atom
cpe:2.3:a:mcafee,llc:mcafee_endpoint_security_(ens)_for_windows:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Mcafee,Llc (a07eec98-d34c-5045-9a0e-859fd3b6002d) |
|---|---|
| Product | Mcafee Endpoint Security (Ens) For Windows (06a7b2d7-3c7a-5bf4-abe4-40e4755a457e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-31843 |
vulnerable | 2026-06-03 14:44:33.618138 |
Improper access control vulnerability in McAfee ENS for Windows
HIGH (7.3)
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.
Published: 2021-09-17T13:40:12.000Z
Updated: 2024-08-03T23:10:30.554Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31842 |
vulnerable | 2026-06-03 14:44:33.612962 |
Details available
MEDIUM (5)
XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.
Published: 2021-09-17T13:35:12.000Z
Updated: 2024-08-03T23:10:30.765Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-7308 |
vulnerable | 2026-06-03 14:43:06.012948 |
Transmission of data in clear text by McAfee ENS
MEDIUM (4.8)
Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the network DNS configuration, it is possible for an attacker to intercept requests and send their own responses.
Published: 2021-04-15T07:40:19.000Z
Updated: 2024-08-04T09:25:49.044Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-7264 |
vulnerable | 2026-06-03 14:43:05.929247 |
Privilege Escalation vulnerability through symbolic links in ENS for Windows
HIGH (8.8)
Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Published: 2020-05-08T11:45:14.046Z
Updated: 2024-09-17T02:57:21.298Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.