Request a Demo
Rewterz
Rewterz Threat Alert – Poulight Stealer
May 12, 2020
Rewterz
Rewterz Threat Alert – Lazarus Dacls RAT Hits Macs via 2FA App
May 12, 2020

Rewterz Threat Advisory – McAfee Multiple Security Updates

Severity

Medium

Analysis Summary

CVE-2020-7285

Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.5.0.94 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

CVE-2020-7286

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

CVE-2020-7287

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Linux prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

CVE-2020-7288

Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Mac prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

CVE-2020-7289

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Windows prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

CVE-2020-7290

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Linux prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

CVE-2020-7291

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Mac prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

Impact

Privilege escalation

Affected Vendors

McAfee

Affected Products

  • McAfee MVISION Endpoint prior to 20.5.0.94
  • McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1
  • McAfee Exploit Detection and Response (EDR) for Linux prior to 3.1.0 Hotfix 1
  • McAfee Exploit Detection and Response (EDR) for Mac prior to 3.1.0 Hotfix 1

Remediation

Update to upgraded version:

  • MVISION Endpoint – Update to MVISION Endpoint 20.5.0.94.
  • EDR (all operating systems) – Update to EDR 3.1.0 Hotfix 1.
  • MAR (all operating systems) – Update to MAR 2.4.3 Hotfix 1.