Endpoint Security Security Vulnerabilities
Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. This issue affects: Bitdefender Endpoint Security for Mac versions prior to 4.12.80.
8.8CVSS
8.6AI Score
0.0004EPSS
Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To...
7.3CVSS
5AI Score
0.0004EPSS
Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.
6.7CVSS
4.6AI Score
0.0004EPSS
A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator u...
4.8CVSS
4.7AI Score
0.001EPSS
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean install...
8.2CVSS
4.6AI Score
0.0004EPSS
A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to th...
4.4CVSS
4.4AI Score
0.0004EPSS
A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, K...
5.5CVSS
5.4AI Score
0.0004EPSS
Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privil...
7.8CVSS
7.5AI Score
0.0005EPSS
SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.
5.2CVSS
5.2AI Score
0.0004EPSS
SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed.
5.7CVSS
5.6AI Score
0.001EPSS
SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed.
5.7CVSS
5.6AI Score
0.001EPSS
SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed.
5.7CVSS
5.6AI Score
0.001EPSS
SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies.
3.5CVSS
4.2AI Score
0.001EPSS
SES Evolution before 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console installed.
7.3CVSS
7.1AI Score
0.001EPSS
XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing...
5.5CVSS
5.5AI Score
0.0004EPSS
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended locatio...
7.8CVSS
7.4AI Score
0.0004EPSS
Possible system denial of service in case of arbitrary changing Firefox browser parameters. An attacker could change specific Firefox browser parameters file in a certain way and then reboot the system to make the system unbootable.
7.5CVSS
7.3AI Score
0.009EPSS
Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious ones.
6.7CVSS
6.4AI Score
0.0004EPSS
ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the ESET security product until a system reboot.
5.5CVSS
5.3AI Score
0.0004EPSS
Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ...
7.8CVSS
7.6AI Score
0.0004EPSS
ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\SYSTEM.
7.8CVSS
7.6AI Score
0.001EPSS
5.2CVSS
5.3AI Score
0.0004EPSS
9.8CVSS
9.8AI Score
0.006EPSS
4.3CVSS
4.7AI Score
0.001EPSS
A local privilege escalation (LPE) issue was discovered in the ransomware canaries features of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
7.8CVSS
7.7AI Score
0.0004EPSS
Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links.
7.8CVSS
7.4AI Score
0.0004EPSS
Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.
2.3CVSS
3.8AI Score
0.0004EPSS
Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET I...
7.1CVSS
7AI Score
0.0004EPSS
Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Tec...
9.8CVSS
9.5AI Score
0.003EPSS
An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
7.8CVSS
7.5AI Score
0.0004EPSS
An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
7.8CVSS
7.5AI Score
0.0004EPSS
An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
7.8CVSS
7.5AI Score
0.0004EPSS
A timing based side channel exists in the OpenSSL RSA Decryption implementationwhich could be sufficient to recover a plaintext across a network in aBleichenbacher style attack. To achieve a successful decryption an attackerwould have to be able to send a very large number of trial messages fordecr...
5.9CVSS
6.6AI Score
0.002EPSS
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.
6CVSS
5.8AI Score
0.0004EPSS
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
5.5CVSS
5.4AI Score
0.0004EPSS
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters.
4.3CVSS
4.7AI Score
0.0005EPSS
Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file
7.8CVSS
7.7AI Score
0.001EPSS
Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
7.8CVSS
7.8AI Score
0.0004EPSS
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.
7.8CVSS
7.5AI Score
0.0005EPSS
Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.
5.5CVSS
5.5AI Score
0.0004EPSS
Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators.
4.3CVSS
4.4AI Score
0.001EPSS
A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables,leading to denial of service and or the execution of arbitrary code.
7.8CVSS
7.5AI Score
0.0004EPSS
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.
8.6CVSS
8.5AI Score
0.0005EPSS
Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
5.5CVSS
6.3AI Score
0.0004EPSS
Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containment_notify/preview parameter, which could lead to a service outage.
7.5CVSS
7.4AI Score
0.0005EPSS