CVE-2019-3653 : Security Advisory and Response

McAfee Endpoint Security (ENS) prior to 10.6.1 October 2019 Update is affected by an improper access control vulnerability in the Configuration tool.

Understanding CVE-2019-3653

This CVE involves a vulnerability in the Configuration tool of McAfee Endpoint Security (ENS) that allows unauthorized access to security configurations.

What is CVE-2019-3653?

The CVE-2019-3653 vulnerability in McAfee Endpoint Security (ENS) allows a local user to gain unauthorized access to security configurations by exploiting the Configuration tool.

The Impact of CVE-2019-3653

CVSS Base Score: 4.6 (Medium Severity)
Attack Vector: Local
Confidentiality Impact: High
Integrity Impact: Low
Privileges Required: High
User Interaction: Required
This vulnerability poses a risk of unauthorized access to sensitive security configurations.

Technical Details of CVE-2019-3653

The technical aspects of the CVE-2019-3653 vulnerability are as follows:

Vulnerability Description

The Configuration tool in McAfee Endpoint Security (ENS) prior to 10.6.1 October 2019 Update lacks proper access control measures.

Affected Systems and Versions

Affected Versions:
McAfee Endpoint Security (ENS) 10.6.x (less than 10.6.1)
McAfee Endpoint Security (ENS) 10.5.x (less than 10.5.5)

Exploitation Mechanism

A local user can exploit the Configuration tool to gain unauthorized access to security configurations.

Mitigation and Prevention

Steps to address and prevent the CVE-2019-3653 vulnerability:

Immediate Steps to Take

Update McAfee Endpoint Security (ENS) to version 10.6.1 or higher.
Monitor and restrict access to the Configuration tool.

Long-Term Security Practices

Implement the principle of least privilege to restrict access.
Regularly review and update security configurations.

Patching and Updates

Apply security patches and updates provided by McAfee to address this vulnerability.