Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

McAfee LLC — Vulnerabilities & Security Advisories 28

Browse all 28 CVE security advisories affecting McAfee LLC. AI-powered Chinese analysis, POCs, and references for each vulnerability.

McAfee LLC operates as a prominent cybersecurity firm specializing in endpoint protection, cloud security, and identity management solutions for enterprise and consumer markets. Its software portfolio, which includes antivirus and firewall utilities, has historically been susceptible to critical vulnerability classes, notably Remote Code Execution (RCE), Cross-Site Scripting (XSS), and privilege escalation flaws. These defects often stem from improper input validation or memory handling errors within its extensive codebase. While the company maintains a robust security engineering framework, past incidents have highlighted challenges in patching legacy components and securing third-party integrations. With 28 Common Vulnerabilities and Exposures (CVEs) currently on record, McAfee LLC continues to address these technical debt issues through regular updates and enhanced secure development lifecycle practices, aiming to mitigate risks associated with its widespread deployment in global IT infrastructure.

Top products by McAfee LLC: McAfee Endpoint Security (ENS) Endpoint Security (ENS) for Windows Endpoint Security for Windows MA for Windows McAfee Network Security Manager (NSM) MVISION Endpoint McAfee DXL for Mac shipped with MA
CVE IDTitleCVSSSeverityPublished
CVE-2021-23881 Stored Cross Site Scripting in ENS — Endpoint Security (ENS) for WindowsCWE-79 4.8 Medium2021-02-10
CVE-2021-23883 Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) — Endpoint Security (ENS) for WindowsCWE-476 4.0 Medium2021-02-10
CVE-2021-23882 Improper Access Control in the ENS installer — Endpoint Security (ENS) for WindowsCWE-269 8.2 High2021-02-10
CVE-2021-23880 Improper Access Control in the ENS installer — Endpoint Security (ENS) for WindowsCWE-269 6.7 Medium2021-02-10
CVE-2021-23878 Clear text storage of sensitive Information in ENS — Endpoint Security (ENS) for WindowsCWE-312 7.3 High2021-02-10
CVE-2020-7315 DLL Injection vulnerability in MA for Windows — MA for WindowsCWE-426 6.0 Medium2020-09-10
CVE-2020-7314 Privilege Escalation vulnerability in McAfee DXL for Mac — McAfee DXL for Mac shipped with MACWE-732 8.2 High2020-09-10
CVE-2020-7311 Privilege Escalation vulnerability in MA for Windows — MA for WindowsCWE-269 7.8 High2020-09-10
CVE-2020-7312 DLL Search Order Hijacking in MA for Windows — MA for WindowsCWE-427 7.8 High2020-09-10
CVE-2020-7325 Privilege Escalation vulnerability in MVISION Endpoint — MVISION EndpointCWE-59 5.5 Medium2020-09-09
CVE-2020-7324 Improper Access Control vulnerability in MVISION Endpoint — MVISION EndpointCWE-269 6.1 Medium2020-09-09
CVE-2020-7323 Authentication Protection Bypass vulnerability in ENS for Windows — Endpoint Security for WindowsCWE-287 6.9 Medium2020-09-09
CVE-2020-7322 Exposure of Sensitive Information in ENS for Windows — Endpoint Security for WindowsCWE-532 4.7 Medium2020-09-09
CVE-2020-7319 Improper Access Control Vulnerability in ENS for Windows — Endpoint Security for WindowsCWE-59 8.8 High2020-09-09
CVE-2020-7320 Protection Mechanism Failure in ENS for Windows — Endpoint Security for WindowsCWE-693 6.7 Medium2020-09-09
CVE-2020-7255 Privilege Escalation vulnerability  in ENS — McAfee Endpoint Security (ENS)CWE-264 3.9 Low2020-04-15
CVE-2020-7250 ENS symbolic link log file manipulation vulnerability — McAfee Endpoint Security (ENS)CWE-59 8.2 High2020-04-15
CVE-2020-7257 Privilege Escalation vulnerability through Symbolic links in ENS — McAfee Endpoint Security (ENS)CWE-264 8.4 High2020-04-15
CVE-2020-7259 Unsigned executable vulnerability in ENS can be used to bypass intended self-protection rules — McAfee Endpoint Security (ENS)CWE-264 6.6 Medium2020-04-15
CVE-2020-7261 Buffer overwrite in ENS allowed to bypass AMSI protection — McAfee Endpoint Security (ENS)CWE-119 6.1 Medium2020-04-15
CVE-2020-7273 Autorun registry bypass — McAfee Endpoint Security (ENS)CWE-269 6.7 Medium2020-04-15
CVE-2020-7275 Unquoted service paths for some McAfee ENS files — McAfee Endpoint Security (ENS)CWE-428 4.8 Medium2020-04-15
CVE-2020-7274 ENS elevated permissions vulnerability — McAfee Endpoint Security (ENS)CWE-269 6.6 Medium2020-04-15
CVE-2020-7277 McAfee processes not protected — McAfee Endpoint Security (ENS)CWE-693 6.8 Medium2020-04-15
CVE-2020-7276 Unrestricted Policy Management using MfeUpgradeTool.exe — McAfee Endpoint Security (ENS)CWE-287 6.4 Medium2020-04-15
CVE-2020-7278 McAfee firewall rules not enforced correctly — McAfee Endpoint Security (ENS)CWE-284 7.4 High2020-04-15
CVE-2019-3606 Data leakage when in an MDR pair by McAfee Network Security Manager 9.x — McAfee Network Security Manager (NSM) 4.4 -2019-03-26
CVE-2019-3597 Authentication bypass in McAfee Network Security Manager 9.x — McAfee Network Security Manager (NSM) 9.8 -2019-03-26

This page lists every published CVE security advisory associated with McAfee LLC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.