Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2020-7278
CVE-2020-7278:
Trellix Endpoint Security Agent vulnerability analysis and mitigation
Overview
A vulnerability identified as CVE-2020-7278 was discovered in McAfee Endpoint Security (ENS) for Windows, specifically affecting the ENS Firewall component. The issue exists in versions prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates, where incorrectly configured access control security levels could be exploited (MITRE CVE).
Technical details
The vulnerability stems from pre-existing rules not being handled correctly when updating to the February 2020 updates. This is classified as an access control security level configuration issue that affects the ENS Firewall component (NVD).
Impact
The vulnerability allows remote attackers and local users to manipulate firewall traffic by allowing or blocking unauthorized network traffic through the exploitation of incorrectly handled pre-existing rules (MITRE CVE).
Mitigation and workarounds
McAfee has released patches to address this vulnerability in the April 2020 updates. Users should upgrade to ENS version 10.7.0 April 2020 update or 10.6.1 April 2020 update to mitigate this vulnerability (MITRE CVE).
Additional resources
Source: This report was generated using AI
Related Trellix Endpoint Security Agent vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management