Authentication Protection Bypass vulnerability in ENS for Windows
CVE-2020-7323

6.9MEDIUM

Key Information:

Vendor: Mcafee Llc
Status: Endpoint Security For Windows
Vendor: CVE Published:; 9 September 2020

Summary

Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing dependent and requires physical access to the machine.

Affected Version(s)

Endpoint Security for Windows 10.7.x < 10.7.0 September 2020 Update

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Sep 9, 2020
Vulnerability Reserved
Jan 21, 2020

Credit

McAfee credits Lockheed Martin Red Team for responsibly reporting this flaw.