Buffer overwrite in ENS allowed to bypass AMSI protection
CVE-2020-7261

6.1MEDIUM

Key Information:

Vendor

Mcafee Llc

Vendor
CVE Published:
14 April 2020

What is CVE-2020-7261?

Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.

Affected Version(s)

McAfee Endpoint Security (ENS) 10.x < 10.7.0 April 2020 Update

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2020-7261 : Buffer overwrite in ENS allowed to bypass AMSI protection