Improper Authentication in McAfee Endpoint Security (ENS) - CVE-2020-7323

 

Improper Authentication in McAfee Endpoint Security (ENS) - CVE-2020-7323

Published: September 14, 2020


Vulnerability identifier: #VU46690
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-7323
CWE-ID: CWE-287
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: McAfee
Affected software:
McAfee Endpoint Security (ENS)

Detailed vulnerability description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges.

Note: This vulnerability affects the following versions:

  • 10.7.0.x
  • 10.6.x
  • 10.5.x

How to mitigate CVE-2020-7323

Install updates from vendor's website.

Sources