CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-3652 – ENS code injection in EPSetup.exe
https://notcve.org/view.php?id=CVE-2019-3652
09 Oct 2019 — Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer. Una vulnerabilidad de inyección de código en el archivo EPSetup.exe en McAfee Endpoint Security (ENS) versiones anteriores a 10.6.1 Update de octubre 2019, permite al usuario local obtener su código malicioso instalado mediante el instalado... • https://kc.mcafee.com/corporate/index?page=content&id=SB10299 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-8461
https://notcve.org/view.php?id=CVE-2019-8461
29 Aug 2019 — Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user. Check Point Endpoint Security Initial Client para Windows versión anterior a E81.30, intenta cargar una biblioteca DLL localizada en cualquier ubicación de RUTA (PATH) en una imagen limp... • https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-Windows-Privilege-Escalation-to-SYSTEM • CWE-114: Process Control CWE-426: Untrusted Search Path •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3586 – McAfee Endpoint Security firewall not always acting on GTI lookup results
https://notcve.org/view.php?id=CVE-2019-3586
15 May 2019 — Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection. Una falla del mecanismo de protección en el Firewall en McAfee Endpoint Security (ENS) 10.x anterior a 1... • http://www.securityfocus.com/bid/108416 • CWE-693: Protection Mechanism Failure •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8454
https://notcve.org/view.php?id=CVE-2019-8454
29 Apr 2019 — A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system. Un atacante local puede crear un enlace físico entre un archivo en el cual el cliente para Windows de Check Point Endpoint Security escribe, en versiones anteriores a E80.96, y otro archivo BAT, y luego, haciéndo... • https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk150012 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-65: Windows Hard Link •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2019-8452 – CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-8452
22 Apr 2019 — A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file. Un enlace físico creado desde el archivo log file de Check Point ZoneAlarm hasta la versión 15.4.062 o el cliente de Check Point Endpoint Security para Windows ant... • https://packetstorm.news/files/id/154754 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-65: Windows Hard Link •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3582 – McAfee Endpoint Security updates fix a privilege escalation vulnerability
https://notcve.org/view.php?id=CVE-2019-3582
28 Feb 2019 — Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances. Una vulnerabilidad de escalado de privilegios en el cliente de Microsoft Windows en McAfee Endpoint Security (ENS), en versiones 10.6.1 y anteriores, permite a los usuarios locales ganar privilegios elevados gracias a unas circunstancias específicas. • https://kc.mcafee.com/corporate/index?page=content&id=SB10254 •
CVSS: 5.0EPSS: 0%CPEs: 17EXPL: 0CVE-2017-4028 – SB10193 - consumer and corporate products - Maliciously misconfigured registry vulnerability
https://notcve.org/view.php?id=CVE-2017-4028
03 Apr 2018 — Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters. Vulnerabilidad de registro maliciosamente configurado en todos los productos Microsoft Windows en productos para consumidores y empresas de McAfee permite que un administrador inyecte código arbitrario en un proceso McAffee depurado mediante la manipulación de parám... • http://www.securityfocus.com/bid/97958 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6316
https://notcve.org/view.php?id=CVE-2018-6316
15 Feb 2018 — Ivanti Endpoint Security (formerly HEAT Endpoint Management and Security Suite) 8.5 Update 1 and earlier allows an authenticated user with low privileges and access to the local network to bypass application whitelisting when using the Application Control module on Ivanti Endpoint Security in lockdown mode. Existe un desbordamiento de búfer basado en memoria dinámica (heap) en InfoZip UnZip 6.10c22 que permite que un atacante realice una denegación de servicio (DoS) o que pueda lograr la ejecución de código... • https://community.ivanti.com/docs/DOC-65656 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8010
https://notcve.org/view.php?id=CVE-2016-8010
14 Mar 2017 — Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. Vulnerabilidad de elusión de protecciones de aplicaciones en Intel Security McAfee Application Control (MAC) 7.0 y versiones anteriores y Endpoint Security (ENS) 10.2 y versiones anteriores permite a usuarios locales eludir la protección de seguridad local a través de una... • http://www.securityfocus.com/bid/94661 • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 3CVE-2016-9892 – F-Secure AV Man-In-The-Middle
https://notcve.org/view.php?id=CVE-2016-9892
27 Feb 2017 — The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses to license activation requests via a self-signed certificate. NOTE: this issue can be combined with CVE-2016-0718 to execute arbitrary code remotely as root. El servicio esets_daemon en ESET Endpoint Antivirus para... • https://packetstorm.news/files/id/141350 • CWE-295: Improper Certificate Validation •