CVE-2019-3586

Name of the Vulnerable Software and Affected Versions McAfee Endpoint Security (ENS) versions prior to 10.6.1 May 2019 update

Description A protection mechanism failure in the firewall allows context-dependent attackers to circumvent protection by manipulating GTI reputation, preventing the firewall from blocking connections to specially crafted malicious sites.

Recommendations For versions prior to 10.6.1 May 2019 update, update to the May 2019 update or later to resolve the issue. As a temporary workaround, consider restricting access to sites with questionable GTI reputation to minimize the risk of exploitation.