PT-2020-19552 · Mcafee · Mcafee Endpoint Security

Published

2020-09-09

Updated

2022-01-01

CVE-2020-7323

CVSS v3.1

6.9

Medium

Vector

AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions McAfee Endpoint Security (ENS) for Windows versions prior to 10.7.0 September 2020 Update

Description The issue allows physical local users to bypass the Windows lock screen by triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This is a timing-dependent exploit that requires physical access to the machine.

Recommendations For versions prior to 10.7.0 September 2020 Update, update to the September 2020 Update or later to resolve the issue. As a temporary workaround, consider restricting access to the McTray.exe when the computer screen is locked to minimize the risk of exploitation.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2020-7323

Affected Products

Mcafee Endpoint Security

PT-2020-19552 · Mcafee · Mcafee Endpoint Security

CVE-2020-7323

Weakness Enumeration

Related Identifiers

Affected Products

References · 3