Mcafee: Security Vulnerabilities
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected dashboard data via improper access control in the user interface.
CVSS Score
5.7
EPSS Score
0.001
Published
2020-09-16
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface.
CVSS Score
9.0
EPSS Score
0.001
Published
2020-09-15
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface.
CVSS Score
4.6
EPSS Score
0.001
Published
2020-09-15
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface.
CVSS Score
3.5
EPSS Score
0.001
Published
2020-09-15
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface.
CVSS Score
5.7
EPSS Score
0.001
Published
2020-09-15
DLL Search Order Hijacking Vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-09-10
Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6 allows local users to run commands as root via incorrectly applied permissions on temporary files.
CVSS Score
8.2
EPSS Score
0.0
Published
2020-09-10
DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL.
CVSS Score
6.0
EPSS Score
0.001
Published
2020-09-10
Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-09-10
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.
CVSS Score
8.8
EPSS Score
0.001
Published
2020-09-09